On Tue, 04 Sep 2007 16:20:15 EDT, Dude VanWinkle said: > So if we know the IP's of "millions of compromised machines" can we > get access to a list of those in order to grey/blacklist them?
We know the IP addresses that some of them *used* to have. Feel free to blacklist the address and see the *current* DHCP leaseholder wonder why things are breaking. And Storm is only *part* of it - remember that's only a few million, out of Vint Cerf's estimate of 140 million. When there's 140 million pwned/spywared/etc boxes out of 600M or so, you really can only take 2 stances: 1) Don't care and harden the outward-facing side to take on all comers. 2) Start whitelisting only known vetted and known systems.
pgpDDIYQLvXme.pgp
Description: PGP signature
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
