On Sun, 27 Jan 2008 12:21:27 PST, "Tomas L. Byrnes" said: > I'm the CTO and founder of ThreatSTOP (www.threatstop.com), and we're > currently propagating the DShield, and some other, block lists for use > in firewalls. I'm interested in gathering additional threat information, > and serving additional communities. > > Is there any interest in a collaborative platform where anonymized > candidates for blocking would be submitted by a trusted group, and then > propagated out to the whole group?
http://www.ranum.com/security/computer_security/editorials/dumb/ This illustrates dumb idea #2. Explain to me how you intend to enumerate enough of the "bad" hosts out there that such a blocklist would help, while still having it small enough that you don't blow out the RAM on whatever device you're installing it on. Have you *tested* whatever iptables/ipf/ACL for proper operation with 10 million entries?
pgpPTSCeqdrFv.pgp
Description: PGP signature
