botnet reporting by AS - what about you?

• Previous message (by thread): botnet reporting by AS - what about you?
• Next message (by thread): botnet reporting by AS - what about you?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> I'd personally love more reporting services that will actually disclose 
> information to the ISPs who can actually take action to help straighten 
> out their customers. We have far too many people who sit around wringing 
> their hands about how horrible the botnets are, but who won't tell anyone 
> who can do anything about it out of a paranoid sense of "security". I'm 
> not sure this is the best way to go about that though. :)

ok. I'm working on the following service and would like to know if there 
is interest to participate. just drop a not off list if you want to play.

I've been producing daily reports for about 60 ASes in a report via 
email. It is taking significant cycles to produce and I could only hand 
another 60 or so networks. Since this won't scale for me I've decided to 
do near real-time reports over jabber

the idea is to publish reports in the following style:

    anti phishing reports go to the Domain Registrar and AS manager for
    the IP space hosting the phish site.

    botnets, virus infectors, open proxies etc the IP manager get
    notified.

    spamertisements, spam senders will notify the registrar


the reports are text, human readable RFC-822 style headers.

I should have the signup page done next week, i should publish it in 
this notice but I'm just looking for feedback if doing the above is 
something the community would participate in.

I'd like something that scales and what I've done thus far just won't scale.

comments (flames?) please.

-rick

• Previous message (by thread): botnet reporting by AS - what about you?
• Next message (by thread): botnet reporting by AS - what about you?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]