funsec mailing list archives
Re: s00per firewall
From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Sat, 15 Jul 2006 20:24:49 -0400
On 7/15/06, Brian Loe <knobdy () gmail com> wrote:
On 7/14/06, Dude VanWinkle <dudevanwinkle () gmail com> wrote: > Is that the best method for combating DoS and botnets though? Creating > a DB of hosts and logging their patterns of activity? > > Is their an algorithm of "normal" net activity you can apply to > different IP blocks based on who resells them? Do consumer blocks act > with a general measure of a certain type of activity? > > It seems like a promising method IMO Sounds familiar to me. I guess you'd have to start logging all activity on those networks and then mine that data for usage trends and whatnot. Once again US government/military needs pave the way for technological advances. Brian <who is incredibly smug - don't you think?>
I was thinking more along the lines of a company monitoring their own clientele, but hey if the Govt would actually do something useful with all their snooping and stop DoS's that would be pretty nifty. -JP<who hasnt seen any good come out of data mining by The Man so far> _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- s00per firewall Dude VanWinkle (Jul 14)
- Re: s00per firewall C Q (Jul 14)
- Re: s00per firewall Dude VanWinkle (Jul 14)
- Re: s00per firewall C Q (Jul 14)
- Re: s00per firewall Brian Loe (Jul 15)
- Re: s00per firewall Dude VanWinkle (Jul 15)
- Re: s00per firewall Dude VanWinkle (Jul 14)
- Re: s00per firewall C Q (Jul 14)