nanog mailing list archives
Re: BL of Compromised Hosts?
From: "Andrew - Supernews" <andrew () supernews net>
Date: Sun, 22 Feb 2004 22:54:10 +0000
"Avleen" == Avleen Vig <lists-nanog () silverwraith com> writes:
Would anyone be interested in receiving a text or BGP feed of IPs of hosts known/suspected to be compromised and used as parts of DDOS attacks? Would anyone be interested in contributing their BGP views?
Avleen> Hey Deepak, Avleen> It's not a BGP feed, but take a look at: Avleen> http://www.spamhaus.org/xbl/index.lasso It also has nothing to do with DDoS attacks; it's intended use is only for blocking email traffic. The XBL incorporates the CBL, and the CBL team does not support the use of its data for purposes other than blocking incoming SMTP traffic. The reason for this is that the CBL lists a very large number of dynamic IPs, and has a very long expiration time (months). Accordingly, using it to block general traffic will have a high false-positive rate. -- Andrew, Supernews http://www.supernews.com
Current thread:
- BL of Compromised Hosts? Deepak Jain (Feb 22)
- Re: BL of Compromised Hosts? Daniel Concepcion (Feb 22)
- Re: BL of Compromised Hosts? Rafi Sadowsky (Feb 22)
- Re: BL of Compromised Hosts? Daniel Senie (Feb 22)
- Re: BL of Compromised Hosts? Avleen Vig (Feb 22)
- Re: BL of Compromised Hosts? Andrew - Supernews (Feb 22)
- <Possible follow-ups>
- RE: BL of Compromised Hosts? Michel Py (Feb 22)
- Re: BL of Compromised Hosts? Robert E. Seastrom (Feb 22)
- Re: BL of Compromised Hosts? william(at)elan.net (Feb 22)
- Re: BL of Compromised Hosts? Tom (UnitedLayer) (Feb 23)
- Re: BL of Compromised Hosts? Robert E. Seastrom (Feb 22)
- Re: BL of Compromised Hosts? Daniel Concepcion (Feb 22)
- RE: BL of Compromised Hosts? Michel Py (Feb 22)
- RE: BL of Compromised Hosts? Michel Py (Feb 23)