> I'm curious to see how other feel about this. Is it: > > 1) Recommended. Go for it and publish the IP's and let the > "Gods of IP" > sort out the damage. > 2) A Bad Thing. These are innocent victims, and you will > just have them be > attacked by evil people. > 3) Boring. Who cares? It's Nimda, and an everyday part of > life. Deal with > it and ignore the logs. > > If "1," then I was thinking of going with a "Hall of Shame" > and providing > ARIN look ups, contacts, and the whole bit. I could even allow other > people to post logs there and stuff like that... > > Input appreciated. We already have RBL, and I'm all for creating a new one not limited to e-mail. Personally, I'd be more than happy to firewall out all the losers who are, in a way, driving on the highway leaking fuel. if you can't keep your car in working condition, you shouldn't be on the highway for you are a danger not only to yourself. Now for a company, that is a little tougher. We don't want to deny our users parts of the internet. However, I do believe I can argue a strong case if the list is well-kept and errs on the side of caution. IOW if I can make a case that the list does considerably more good than damage, then I'm sure I can get my company to use it. One problem is that you can't really filter large chunks of individual IPs on the border routers without investing in new hardware quickly. This will be one of the problems this project needs to solve. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed May 08 2002 - 09:21:35 PDT