nanog mailing list archives
Re: BGP list of phishing sites?
From: "Christopher L. Morrow" <christopher.morrow () mci com>
Date: Sun, 27 Jun 2004 18:34:07 +0000 (GMT)
On Sun, 27 Jun 2004, Scott Call wrote:
Happy Sunday nanogers... I was doing some follow up reading on the "js.scob.trojan", the latest "hole big enough to drive a truck through" exploit for Internet Explorer. On the the things the article mentioned is that ISP/NSPs are shutting off access to the web site in russia where the malware is being downloaded from. Now we've done this in the past when a known target of a DDOS was upcoming or a known website hosted part of a malware package, and it is fairly effective in stopping the problems. So what I was curious about is would there be interest in a BGP feed (like the DNSBLs used to be) to null route known malicious sites like that?
don't reinvent the wheel: www.cymru.com has a project already under way for this, with many operators participating at this time.
Current thread:
- BGP list of phishing sites? Scott Call (Jun 27)
- Re: BGP list of phishing sites? Christopher L. Morrow (Jun 27)
- Re: BGP list of phishing sites? Iljitsch van Beijnum (Jun 27)
- Re: BGP list of phishing sites? Paul Vixie (Jun 27)
- Re: BGP list of phishing sites? Website behind Net attack offline Henry Linneweh (Jun 27)
- Re: BGP list of phishing sites? Stephen J. Wilcox (Jun 28)
- Re: BGP list of phishing sites? Patrick W Gilmore (Jun 28)
- Re: BGP list of phishing sites? Dan Hollis (Jun 28)
- Re: BGP list of phishing sites? Patrick W Gilmore (Jun 28)
- Re: BGP list of phishing sites? Edward B. Dreger (Jun 28)
- Re: BGP list of phishing sites? Christopher L. Morrow (Jun 28)
- Re: BGP list of phishing sites? Michael . Dillon (Jun 29)
- Re: BGP list of phishing sites? Patrick W Gilmore (Jun 28)