[Dshield] acceptable log types
GuyBarnum at Armscole.com
Thu Aug 21 21:51:25 GMT 2003
I have a question about acceptable log types that can be submitted to dshield. I don't have any of the log file types listed on the web site. The server I manage was compromised through an unprotected Microsoft IIS (4.0) and I have over a years worth of log files clearly showing the originating IP address of the numerous people who were illegally accessing the system. I would like to submit my log files and have these IP addresses (and ISP's?) added to the database.
I tracert'd many of these addresses myself and emailed the indicated ISP or backbone manager. I believe I received one positive response out of all the emails I sent and was either ignored or given ridiculous requirements of proof (basically being told to shove off) by a few others. Please let me know if there is a way to get my IIS intrusion logs added to the dshield database.
More information about the list