nanog mailing list archives
networks with many issues
From: Rick Wesson <wessorh () ar com>
Date: Thu, 21 Jul 2005 10:42:48 -0700
I've come across a few requests for reports with over 10,000 issues. for the net ops folks that might have huge blocks with many issues -- what is the most relivant information? Also, how does one go about solving a large set of issues across a huge address space?
Basickly I'm wondering if I can't build some tools to make life easyer and use the reports as an input to the tools.
Also I'd be interested in how large reports should be broken down. I have the issue, address, reverse dns, source and timestamp. would it be best to group the report by issue type.
The issues I am track are Open Proxy (http, socks, other) Website with vunerabilities Spam source( spammed honney pot, spamtrap) Open Relay (smtp)Understand the timestamp is the time I saw the issue from the RBL. I import data at best hourly and the DNSRBLs don't all have timestamps for their data.
I am generaly interested in understanding how to produce information and tools that the large operaters can utilize effectively.
I'd appreciate any thoughts and ideas on how to hande these problems. -rick
Current thread:
- networks with many issues Rick Wesson (Jul 21)
- <Possible follow-ups>
- RE: networks with many issues Kuhtz, Christian (Jul 21)
- RE: networks with many issues Kuhtz, Christian (Jul 21)