[Dshield] Accuracy and Relevance of Dshield Data....
fuc952d at tninet.se
Sun Jul 6 16:07:38 GMT 2003
After having done some analysis of the junk hitting my own domestic internet
connection I was struck by some thoughts.
I routinely block everything at my firewall and was struck by the enormous
amount of crud I was rejecting.
Over a weekly period, only 1.57% could be legitimately categorized as scans /
attempts, fully 97% were windows/smb broadcasts of various natures. 1%
other broadcasts / multicasts.
I note the prevalence of windows smb "attempts" in dshields database and
wonder how may of these are the same sort of "junk" that I see at my
More information about the list