[Dshield] An Abuse-Free internet organzation

Erwin Van de Velde erwin.vandevelde at ua.ac.be
Tue Jan 20 23:48:59 GMT 2004


On Tuesday 20 January 2004 17:49, Brad Spencer wrote:
> At 05:28 PM 1/20/2004 +0100, you wrote:
> >You could block some IP addresses (I'm even writing my master thesis about
> > a system that could do that :-) )
>
> Blocking is so old hat.  If you're doing a master's thesis why not move
> forward?
>
> If your thesis is about quickly and reliably identifying IPs to block and
> then quickly unblocking when the need has disappeared it might be a very
> good thesis - but somehow I doubt that's what it covers.  If I'm wrong I'd
> be delighted to be shown in error.
>
That's just what it is about: not only trying to identify attackers using 
known attacks, but also trying to block new viruses, inventive attackers, ... 
using a broader range of security tools. This includes also the question 
about who should be blocked how long, and if other actions can be 
appropriate. It will include some recovery actions too, like automatically 
recovering deleted or modified data.
I hope to get as far as possible with the time that is given to me. It's quite 
difficult as our curriculum does not include courses about security, security 
is only mentioned now and then.

As always, good ideas are welcome, and you could win a line in my thank word 
:-)

Greetings,
Erwin Van de Velde
Student of University of Antwerp
Belgium




More information about the list mailing list