On Mon, Mar 22, 2004 at 10:53:29AM -0600, Ejay Hire wrote:
>
> We get a lot of automated complaints. A human reads all of
> them, and act on some of them. I'm particularly fond of the
> dozen-a-week "Source quench" attack emails we get, where Joe
> Guy's IDS identifies the single source quench
time we should give our
ICMP control messages friendlier names. :)
-Ejay
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On
> Behalf Of Dan Ellis
> Sent: Sunday, March 21, 2004 6:51 PM
> To: [EMAIL PROTECTED]
> Subject: RE: Compromised Hos
On 22 Mar 2004 00:26 UTC Deepak Jain <[EMAIL PROTECTED]> asked:
> Would any broadband providers that received automated, detailed
> (time/date stamp, IP information) with hosts that are being used to
> attack (say as part of a DDOS attack) actually do anything about it?
We are a broadband provid
At 07:26 PM 21/03/2004, Deepak Jain wrote:
Nanogers -
Would any broadband providers that received automated, detailed
(time/date stamp, IP information) with hosts that are being used to
attack (say as part of a DDOS attack) actually do anything about it?
From my experiences, some are muc
[EMAIL PROTECTED] (Deepak Jain) writes:
> Would any broadband providers that received automated, detailed
> (time/date stamp, IP information) with hosts that are being used to
> attack (say as part of a DDOS attack) actually do anything about it?
while not a broadband provider, i would b
:26 PM
To: [EMAIL PROTECTED]
Subject:Compromised Hosts?
Nanogers -
Would any broadband providers that received automated, detailed
(time/date stamp, IP information) with hosts that are being used to
attack (say as part of a DDOS attack) actually do anything about it?
Would the
On Sun, 21 Mar 2004, Deepak Jain wrote:
> Would any broadband providers that received automated, detailed
> (time/date stamp, IP information) with hosts that are being used to
> attack (say as part of a DDOS attack) actually do anything about it?
Most of them dont even do anything when yo
Nanogers -
Would any broadband providers that received automated, detailed
(time/date stamp, IP information) with hosts that are being used to
attack (say as part of a DDOS attack) actually do anything about it?
Would the letter have to include information like "x.x.x.x/32 has been
blackho
>> Michel Py wrote:
>> There is a regrouping of BGP feeds for various "questionable"
>> hosts and networks around AS29467;
> william(at)elan.net wrote:
> That is actually not correct. The AS29467 will stay as being
> used for BOGON and similar data. It is quite likely that other
> ASNs would be
On Mon, 23 Feb 2004, william(at)elan.net wrote:
> I find that most admins that decides on RBL lists are well educated about
> what lists they choose to use are (the end-users are however not always
> well informed about it and that is where most of the complaints are
> coming from).
The fact that
On 22 Feb 2004, Robert E. Seastrom wrote:
> "Michel Py" <[EMAIL PROTECTED]> writes:
>
> > There is a regrouping of BGP feeds for various "questionable" hosts and
> > networks around AS29467;
That is actually not correct. The AS29467 will stay as being used for
BOGON and similar data. It is qu
.
-Original Message-
From: Robert E. Seastrom [mailto:[EMAIL PROTECTED]
Sent: Sunday, February 22, 2004 3:20 PM
To: Michel Py
Cc: Deepak Jain; [EMAIL PROTECTED]
Subject: Re: BL of Compromised Hosts?
"Michel Py" <[EMAIL PROTECTED]> writes:
> There is a regrouping of
"Michel Py" <[EMAIL PROTECTED]> writes:
> There is a regrouping of BGP feeds for various "questionable" hosts and
> networks around AS29467; read
> http://arneill-py.sacramento.ca.us/draft-py-idr-redisfilter-01.txt and
> feel free to contact the authors.
It behooves the prospective user of sai
> "Avleen" == Avleen Vig <[EMAIL PROTECTED]> writes:
>> Would anyone be interested in receiving a text or BGP feed of IPs of
>> hosts known/suspected to be compromised and used as parts of DDOS
>> attacks? Would anyone be interested in contributing their BGP views?
Avleen> Hey Deepak,
On Sun, Feb 22, 2004 at 11:12:38AM -0500, Deepak Jain wrote:
> Would anyone be interested in receiving a text or BGP feed of IPs of
> hosts known/suspected to be compromised and used as parts of DDOS
> attacks? Would anyone be interested in contributing their BGP views?
Hey Deepak,
It's not a
> Deepak Jain wrote:
> Would anyone be interested in receiving a text or BGP
> feed of IPs of hosts known/suspected to be compromised
> and used as parts of DDOS attacks? Would anyone be
> interested in contributing their BGP views?
There is a regrouping of BGP feeds for various "questionable" h
## On 2004-02-22 19:20 +0100 Daniel Concepcion typed:
DC>
DC>
DC> Hi Deepak,
DC>
DC> Check
DC> http://www.cymru.com/BGP/bogon-rs.html
DC> They are doing a good job in this issue.
Not quite - That is a list of BOGON networks
(such as non-allocated, private(RFC1918), ... )
You're probably
At 11:12 AM 2/22/2004, Deepak Jain wrote:
Would anyone be interested in receiving a text or BGP feed of IPs of hosts
known/suspected to be compromised and used as parts of DDOS attacks? Would
anyone be interested in contributing their BGP views?
We have (and I'm sure we're not isolated) been s
Hi Deepak,
Check
http://www.cymru.com/BGP/bogon-rs.html
They are doing a good job in this issue.
Regards,
Daniel
On Sunday 22 February 2004 17:12, Deepak Jain wrote:
> Would anyone be interested in receiving a text or BGP feed of IPs of
> hosts known/suspected to be compromised and used as p
Would anyone be interested in receiving a text or BGP feed of IPs of
hosts known/suspected to be compromised and used as parts of DDOS
attacks? Would anyone be interested in contributing their BGP views?
We have (and I'm sure we're not isolated) been seeing attacks from
several thousand/tens
20 matches
Mail list logo