BL of Compromised Hosts?

• Previous message (by thread): BL of Compromised Hosts?
• Next message (by thread): BL of Compromised Hosts?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>>>>> "Avleen" == Avleen Vig <lists-nanog at silverwraith.com> writes:

 >> Would anyone be interested in receiving a text or BGP feed of IPs of 
 >> hosts known/suspected to be compromised and used as parts of DDOS 
 >> attacks? Would anyone be interested in contributing their BGP views?

 Avleen> Hey Deepak,

 Avleen> It's not a BGP feed, but take a look at:
 Avleen> http://www.spamhaus.org/xbl/index.lasso

It also has nothing to do with DDoS attacks; it's intended use is only
for blocking email traffic. The XBL incorporates the CBL, and the CBL
team does not support the use of its data for purposes other than
blocking incoming SMTP traffic. The reason for this is that the CBL
lists a very large number of dynamic IPs, and has a very long
expiration time (months). Accordingly, using it to block general
traffic will have a high false-positive rate.

-- 
Andrew, Supernews
http://www.supernews.com

• Previous message (by thread): BL of Compromised Hosts?
• Next message (by thread): BL of Compromised Hosts?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]