Security Incidents mailing list archives
Re: IP Black list?
From: DLuff () IITSCDM COM AU (Luff, Darryl)
Date: Tue, 16 May 2000 10:03:43 +1000
Most of the scans I see come from dialup IP addresses. The machine doing the scans may only be onlyine for a couple of hours. I think by the time you blacklisted them they're probably offline. How do you un-blacklist them? Darryl Luff.
On Thu, 11 May 2000, Stuart Staniford wrote:I'm curious to know what folks think of the idea of a real-timeblacklistfor misbehaving IP addresses/blocks. Some reputable person/organization could maintain it, trusted folks known to the co-ordinator couldrecommendIPs to blockade, and then anyone who chose to could implement the listintorouter or firewall rules.
Current thread:
- Re: LJK2 rootkit?, (continued)
- Re: LJK2 rootkit? Jose Nazario (May 16)
- IP blacklists phi-incident () EXORSUS NET (May 16)
- Re: LJK2 rootkit? Omachonu Ogali (May 16)
- Re: LJK2 rootkit? Jose Nazario (May 18)
- Re: LJK2 rootkit? Omachonu Ogali (May 18)
- Re: LJK2 rootkit? Jens Hektor (May 17)
- Re: LJK2 rootkit? Egon Barfuß jun. (May 17)
- Korea Damian Gerow (May 17)
- Re: IP Black list? Ryan Russell (May 16)
- Re: IP Black list? Tabor J. Wells (May 16)
- Re: IP Black list? Michael Damm (May 15)
- Re: IP Black list? jms (May 15)
- TCP/IP options flags? Matt Beck (May 16)
- unapproved update from [166.93.60.5].61946 James Ankenbrandt (May 17)
- Re: unapproved update from [166.93.60.5].61946 Jon Lewis (May 18)
- Sniffer files Wozz (May 16)
- Re: Sniffer files Randy Janinda (May 18)
- Re: Sniffer files Robert Graham (May 18)