[Dshield] acceptable log types

Guy Barnum GuyBarnum at Armscole.com
Thu Aug 21 21:51:25 GMT 2003


I have a question about acceptable log types that can be submitted to dshield.  I don't have any of the log file types listed on the web site.  The server I manage was compromised through an unprotected Microsoft IIS (4.0) and I have over a years worth of log files clearly showing the originating IP address of the numerous people who were illegally accessing the system.  I would like to submit my log files and have these IP addresses (and ISP's?) added to the database.

I tracert'd many of these addresses myself and emailed the indicated ISP or backbone manager.  I believe I received one positive response out of all the emails I sent and was either ignored or given ridiculous requirements of proof (basically being told to shove off) by a few others.  Please let me know if there is a way to get my IIS intrusion logs added to the dshield database.

Mrguy






More information about the list mailing list