[Dshield] Block List - next version
Johannes B. Ullrich
jullrich at euclidian.com
Fri Oct 26 18:52:04 GMT 2001
-----BEGIN PGP SIGNED MESSAGE-----
I added more comments to the list of reocmmended blocks.
I also added 192.0.0.0/16 to the list of reserved networks.
(not just 18.104.22.168/24).
The list continues to only list /8 /16 /24 subnets. I refrained
from combining some of them to larger subnets. I think it aids
simple parsing of the list to only use "one-byte-subnets". Let
me know if anybody feels in favor or against it.
I did not add the multicast subnets, but added them as a comment. I feel
that some people may not want to block them. Also, they shouldn't realy
travel too far across routers anyway.
I got one not from a listed subnet asking me to 'unlist' them. I complied
in this case. To make the list more 'relevant', it only considers reports
received during the last two weeks.
Still... Don't use this list blindly. It needs more work. But I wanted to
get this update out to get more feedback.
jullrich at sans.org Join http://www.DShield.org
Distributed Intrusion Detection System
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----
More information about the list