Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IP Black list?

From: pvzweden () CAIW NL (Patrick van Zweden)
Date: Mon, 15 May 2000 14:12:34 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 10:55 11-5-00 -0700, you wrote:

I'm curious to know what folks think of the idea of a real-time

blacklist

for misbehaving IP addresses/blocks.  Some reputable

person/organization

could maintain it, trusted folks known to the co-ordinator could

recommend

IPs to blockade, and then anyone who chose to could implement the

list into

router or firewall rules.

Thoughts?


I don't think it's a very wise idea to do this.
First think of al the dynamic ip's there are with ISP'S. Blocking them
will hurt "good" users also. And also how do you classify a bad host ?
A host that is just performing a port scan, DoSsing the server, .... ?

I have the same feeling against this as i have against the DUL-list
(http://maps.vix.com/dul/). It is gonna hurt users who are just
normally using the internet and not doing anything bad.

cu,

Patrick

P.S I appologise for any bad English. English is not my native
language.
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.0

iQA/AwUBOR/boy24bpT1ip5mEQItjgCg7LSrZYZ9/VYwvypQb0a4VvmTJx8AoJZU
la9zOjsNHNxvIfsrd/eHwWp2
=rnnX
-----END PGP SIGNATURE-----

----
P. van Zweden (pvzweden () caiw nl)
"Warning: you are logged into reality as root..."
Previous By Date Next
Previous By Thread Next

Current thread: