[Dshield] Dshield Reports
dshield at hilotec.net
Fri Aug 26 16:24:52 GMT 2005
> I'm considering adding the Dshield Blocklist to my IPTables FW. I do
> have a couple questions.
> Is there a larger list (as in Top 100 subnets)?
Don't know about that but the list at http://feeds.dshield.org/block.txt
is a top-20.
> I'm also considering scripting the Top 10 Offenders list into a chain.
> I am aware that some of those offenders are already blocked by the
> Dshield Blocklist, but not all.
> How often is the Top 10 Offenders list updated?
It's updated quite often. Check the "updated" tag in the block.txt. I
download a copy twice a day.
The offenders you want to script are the top-10 attacking your
I had some troubles to make the get_block.pl running. When running it
from the bash it worked like a charm but as soon as it was called from a
cron job it would only download an empty file. I replaced the
downloading with a wget call and haven't had any troubles since.
HILOTEC Engineering + Consulting GmbH
Energietechnik und Datensysteme
Tel: +41 34 402 74 00 - http://www.hilotec.com/
More information about the list