Shadowserver - ASN & Netblock Alerting & Reporting Service

Andre' M. DiMino adimino at shadowserver.org
Mon Feb 16 22:53:21 CST 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The Shadowserver Foundation is pleased to announce the formal rollout of
our ASN/netblock alerting and reporting service.

This reporting service is provided free-of-charge and is designed for
ISPs, enterprises, hosting providers, and other organizations that
directly own or control network space. It allows them to receive
customized reports detailing detected malicious activity to assist in
their detection and mitigation program.  Shadowserver has been providing
this service to many subscribers for over two years, and currently
generate over 4000 reports nightly. Since the response to this service
has been extremely positive from our consumer base, we now wish to make
it more widely and openly available.

The reporting service monitors and alerts the following activity:

Detected Botnet Command and Control servers
Infected systems (drones)
DDoS attacks (source and victim)
Scans
Clickfraud
Compromised hosts
Proxies
Spam relays
Malicious software droppers and other related information.

The Shadowserver Foundation filters data received from its worldwide
sensor and monitoring networks and employs an analysis engine to
classify the attacks. It then sorts this data according to ASN,
netblock, and even Geolocation. Detected malicious activity on a
subscriber's network is flagged accordingly and is included in daily
summarization reports detailing the previous 24 hours of activity.
Reports are only sent upon detection of malicious activity.  These
customized reports are made freely available to the responsible network
operators as a subscription service.

To request a free subscription to The Shadowserver Foundation's
ASN/netblock reporting service, send an email from your organization's
email account to  admin at shadowserver.org

Please provide the following information:

Name
Organization
Networks of responsibility by ASN or CIDR
Email address(es) of the report receipients
Contact information for verification

The Shadowserver Foundation is an all volunteer, non-profit,
vendor-neutral organization that gathers, tracks, and reports on
malicious software, botnet activity, and electronic fraud. It is the
mission of the Shadowserver Foundation to improve the security of the
Internet by raising awareness of the presence of compromised servers,
malicious attackers, and the spread of malicious software.
- --


Andre' M. Di Mino - SemperSecurus
The Shadowserver Foundation
http://www.shadowserver.org
Skype: sempersecurus
AIM: sempersecurus

"Make sure that nobody pays back wrong for wrong,
but always try to be kind to each other and to everyone else."
1 Thessalonians 5:15
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkmaQsEACgkQPJaIJoADD653DQCgkF4aRfxbpSh+IxBfGyrMqT3X
eAYAnjfPpeA8ATZ//s1VUrim8DbZPO0C
=oMJw
-----END PGP SIGNATURE-----




More information about the NANOG mailing list