Re: Spamhaus DROP list implementation?

["King, Ronald A." <raking () NSU EDU>]

After debating in my head, I thought posting to the list would be better
than individual replys.

Here is the script (text file).  There are remarks with #### that refer to
areas you will need to change for your environment.

Ronald King
Security Engineer
Norfolk State University
Marie V. McDemmond Center for Applied Research 
Suite 401 
700 Park Ave.
Norfolk, Virginia  23504
Phone:  757-823-3918
Email: raking () nsu edu
http://security.nsu.edu


-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Mike Marseglia
Sent: Wednesday, April 29, 2009 3:04 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Spamhaus DROP list implementation?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Would you mind sharing your script?

Mike Marseglia, OSHEAN
w. 401-886-0887 x208
c. 401-248-4867
e. mike () oshean org



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Use GnuPG with Firefox : http://getfiregpg.org (Version: 0.7.5)

iEYEARECAAYFAkn4pIwACgkQN2NJvrD3H8y94QCfQ6ZUWzjltkH8puAHpVAvUkDi
fe8AoJmK3sXgIg1pAr+FPHLPydukcVSh
=SjOt
-----END PGP SIGNATURE-----

On Wed, Apr 29, 2009 at 11:23, King, Ronald A. <raking () nsu edu> wrote:
> We have a script running on a Linux box every morning.  It downloads the
> latest list, compares it to yesterday's, and generates an email
notification
> of the changes.  The report also contains Cisco commands to apply to the
> ASA's Spamhaus ACL, both remove and add.  We manually apply the changes as
> we are hesitant to automate it.  While we have no statistics, we have had
> only one case where we were notified it caused problems, when private IPs
> where included in the list. That was a fun one...
>
> Ronald King
> Security Engineer
> Norfolk State University
> Marie V. McDemmond Center for Applied Research
> Suite 401
> 700 Park Ave.
> Norfolk, Virginia  23504
> Phone:  757-823-3918
> Email: raking () nsu edu
> http://security.nsu.edu
>
>
> -----Original Message-----
> From: The EDUCAUSE Security Constituent Group Listserv
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Mike Marseglia
> Sent: Wednesday, April 29, 2009 10:28 AM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: [SECURITY] Spamhaus DROP list implementation?
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Has anyone implemented the Spamhaus DROP list?  Pros/Cons?
>
>
> http://www.spamhaus.org/drop/
>
> Thank you,
>
> Mike Marseglia, OSHEAN
> w. 401-886-0887 x208
> c. 401-248-4867
> e. mike () oshean org
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Use GnuPG with Firefox : http://getfiregpg.org (Version: 0.7.5)
>
> iEYEARECAAYFAkn4Y98ACgkQN2NJvrD3H8wtvwCdGrmqUFssrXV8c++jKC0mrKYj
> KqoAnidHML+MUxTE5HbJvDMiKO9r7RKY
> =5fQ7
> -----END PGP SIGNATURE-----

Attachment: do_spamhaus.sh.txt
Description:

Attachment: smime.p7s
Description: