[SpamCop-List] Re: reporting probes to my system
MikeE at ster.invalid
Mon Sep 13 17:51:01 EDT 2004
Robert Blair wrote:
> "Mike Easter"
>> http://www.dshield.org/ DShield provides a platform for users of
>> firewalls to share intrusion information. DShield is a free and open
> Not a reporting service, it is a blocklist.
I wouldn't say 'it is a blocklist' but the sharing of information can be
used in several ways, including that blocklist which is described at
http://www.dshield.org/block_list_info.php - but DShield doesn't perform
the same way as MNW. DShield accumulates logs from many and thus
facilitates sharing information but it doesn't report to providers like
Reports and Database Summaries
Top 10 Most Wanted Top 10 offenders according to the DShield database.
Top 10 Ports Top 10 most probed ports.
Port Report Provides a thirty day history of a user selected port.
IP Info Provides information about an IP address.
Subnet Report Get a summary of recent activity from a Subnet
Block List List of IP address ranges that you might want to block.
>> http://www.mynetwatchman.com/ myNetWatchman collects, analyzes and
>> reports malicious access attempts to ISPs, who can then take action
>> against the offending machines.
> I am not using a supported OS or firewall (I expected this) which is
> why my original questions so I can send my own LARTS.
User-Agent: ProNews/2 V1.53.cp050
As well as I can tell, that must be OS2, which would make those available
clients for Win or /n/x not helpful. And if there's no hardware firewall
to use as a source of logs that's another problem. Does that mean that
you have no software intrusion management system and no hardware firewall
either? Hmmm. Where are your logs coming from?
DShield 'encourages' deveoping your own client at
MNW encourages those with 'alternate' OSes besides Win & /n/x to use
their WebAgent submission
kibitzer, not SC admin
More information about the SpamCop-List