We have had enough regular attacks on our web farm to put together tools
that catalogue the attacks, report them to a central database, and post
them to a website. The data is extracted hourly for the website to cut down
on server / database loading.
You can find our display of this data at:
On Tue, 5 Nov 2002 14:25:59 -1000
Michael Painter [EMAIL PROTECTED] wrote:
- Original Message -
From: Daniel Senie [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, November 05, 2002 1:51 PM
Subject: Attacker Data / Wall of Shame
We have had enough regular attacks
Interesting data.
Do you filter or identify spoofed IP addresses?
Also, any data collected on more direct DoS attacks?
Thanks.
Rajesh.
--- begin message from Daniel Senie ---
We have had enough regular attacks on our web farm to put together tools
that catalogue the attacks, report
On Tue, 5 Nov 2002, Daniel Senie wrote:
We have had enough regular attacks on our web farm to put together tools
that catalogue the attacks, report them to a central database, and post
them to a website. The data is extracted hourly for the website to cut down
on server / database loading.
At 10:29 PM 11/5/2002, Rajesh Talpade wrote:
Interesting data.
Do you filter or identify spoofed IP addresses?
We block packets with source addresses which are obviously bogus (see
recent IANA RFC for the list). Past that, note that these data are all
derived from analysis of HTTP GET
At 10:56 PM 11/5/2002, Christopher L. Morrow wrote:
On Tue, 5 Nov 2002, Daniel Senie wrote:
We have had enough regular attacks on our web farm to put together tools
that catalogue the attacks, report them to a central database, and post
them to a website. The data is extracted hourly for