[Dshield] Does `test at dshield.org' operate?

Johannes B. Ullrich jullrich at sans.org
Fri Jun 8 18:36:13 GMT 2007


will have to check the email rules for 'test'. It should forward them to me.

Your log below looks good. Send a few to the reports at dshield.org address
to see if they get processed.



Pavel Vachek wrote:
> Hello,
> please do you know if anyone checks received mail at the address 
> `test at dshield.org', and if so, how long does it take?
> 
> Web page https://secure.dshield.org/specs.html recommends:
> 
>> Send a brief test conversion to 'test \at/ dshield.org' before
>> putting your client into service. (test at dshield.org is designed for
>> people who are writing their own client software. The examination
>> is done manually by a person, as time permits. Please don't send
>> logs to test \at/ dshield.org if you are using an existing client.)
>> But please don't put your client into service until you have
>> received a positive confirmation from test \at/ dshield.org.
> 
> I wrote a new LaBrea log parser (my LaBrea-based IDS uses a different 
> log text format than the original LaBrea parser) and mailed a part
> of the resulting log to `test at dshield.org' on May 30, June 2 and June 5
> but received no response so far.
> 
> Best regards,
> Pavel Vachek, CESNET, Prague, The Czech Republic.
> 
> 
> -------------------------------------------------------
> 
> 
> To: test at dshield.org
> From: Dshield at cesnet.cz
> Subject: FORMAT DSHIELD USERID 948529728 TZ +00:00 VERSION DShield Framework 2002-04-25 LaBrea 2007-05-30
> Message-Id: <20070530125330.BE9C0B7608 at audit.cesnet.cz>
> Date: Wed, 30 May 2007 12:53:30 +0000 (GMT)
> 
> 2007-05-30 10:05:03 +00:00	948529728	1	87.236.92.48	37236	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:03 +00:00	948529728	1	84.49.192.77	52704	10.113.255.37	3306	TCP	S
> 2007-05-30 10:05:03 +00:00	948529728	1	222.190.110.196	17580	10.113.253.122	1433	TCP	S
> 2007-05-30 10:05:03 +00:00	948529728	1	87.236.92.48	62142	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:03 +00:00	948529728	1	87.236.92.48	49544	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:04 +00:00	948529728	1	195.239.208.2	3606	10.113.253.1	1433	TCP	S
> 2007-05-30 10:05:04 +00:00	948529728	1	87.236.92.48	9504	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:04 +00:00	948529728	1	87.236.92.48	23225	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:05 +00:00	948529728	1	203.174.83.43	46784	10.113.252.157	8080	TCP	S
> 2007-05-30 10:05:05 +00:00	948529728	1	87.236.92.48	31851	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:05 +00:00	948529728	1	87.236.92.48	11459	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:05 +00:00	948529728	1	195.16.36.75	4615	10.113.254.64	1433	TCP	S
> 2007-05-30 10:05:05 +00:00	948529728	1	222.190.110.196	18561	10.113.253.59	1433	TCP	S
> 2007-05-30 10:05:06 +00:00	948529728	1	87.236.92.48	58322	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:06 +00:00	948529728	1	195.16.36.75	3464	10.113.254.1	1433	TCP	S
> 2007-05-30 10:05:06 +00:00	948529728	1	87.236.92.48	22328	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:07 +00:00	948529728	1	195.16.36.75	2887	10.113.254.1	1433	TCP	S
> 2007-05-30 10:05:07 +00:00	948529728	1	87.236.92.48	1047	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:07 +00:00	948529728	1	87.236.92.48	53619	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:08 +00:00	948529728	1	87.236.92.48	4662	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:08 +00:00	948529728	1	87.236.92.48	26852	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:09 +00:00	948529728	1	87.236.92.48	62815	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:09 +00:00	948529728	1	87.236.92.48	26193	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:10 +00:00	948529728	1	87.236.92.48	26694	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:10 +00:00	948529728	1	203.174.83.43	47367	10.113.252.157	8080	TCP	S
> 2007-05-30 10:05:10 +00:00	948529728	1	87.236.92.48	30347	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:10 +00:00	948529728	1	87.236.92.48	55253	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:11 +00:00	948529728	1	87.236.92.48	15883	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:11 +00:00	948529728	1	87.236.92.48	8313	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:12 +00:00	948529728	1	87.236.92.48	59311	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:12 +00:00	948529728	1	87.236.92.48	29089	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:13 +00:00	948529728	1	87.236.92.48	20322	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:13 +00:00	948529728	1	87.236.92.48	19009	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:14 +00:00	948529728	1	87.236.92.48	20652	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:14 +00:00	948529728	1	195.239.208.2	2323	10.113.253.1	1433	TCP	S
> 2007-05-30 10:05:14 +00:00	948529728	1	87.236.92.48	48053	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:14 +00:00	948529728	1	222.190.110.196	19986	10.113.253.122	1433	TCP	S
> 2007-05-30 10:05:15 +00:00	948529728	1	87.236.92.48	17337	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:15 +00:00	948529728	1	87.236.92.48	40138	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:15 +00:00	948529728	1	203.174.83.43	47736	10.113.252.158	8080	TCP	S
> 2007-05-30 10:05:16 +00:00	948529728	1	87.236.92.48	34543	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:16 +00:00	948529728	1	203.174.83.43	47762	10.113.252.158	8080	TCP	S
> 2007-05-30 10:05:16 +00:00	948529728	1	212.154.150.154	40226	10.113.252.37	3306	TCP	S
> 2007-05-30 10:05:16 +00:00	948529728	1	87.236.92.48	48356	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:17 +00:00	948529728	1	87.236.92.48	37320	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:17 +00:00	948529728	1	222.190.110.196	20367	10.113.253.59	1433	TCP	S
> 2007-05-30 10:05:17 +00:00	948529728	1	87.236.92.48	58881	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:17 +00:00	948529728	1	195.16.36.75	4561	10.113.254.1	1433	TCP	S
> 2007-05-30 10:05:18 +00:00	948529728	1	87.236.92.48	5308	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:18 +00:00	948529728	1	87.236.92.48	12410	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:19 +00:00	948529728	1	87.236.92.48	23075	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:19 +00:00	948529728	1	212.154.150.154	40226	10.113.252.37	3306	TCP	S
> 2007-05-30 10:05:19 +00:00	948529728	1	87.236.92.48	12668	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:19 +00:00	948529728	1	195.16.36.75	1883	10.113.254.64	1433	TCP	S
> 2007-05-30 10:05:19 +00:00	948529728	1	195.16.36.75	1173	10.113.254.1	1433	TCP	S
> 2007-05-30 10:05:19 +00:00	948529728	1	87.236.92.48	33153	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:20 +00:00	948529728	1	87.236.92.48	50675	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:20 +00:00	948529728	1	87.236.92.48	58589	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:21 +00:00	948529728	1	87.236.92.48	34781	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:21 +00:00	948529728	1	82.212.72.109	52890	10.113.254.185	5900	TCP	S
> 2007-05-30 10:05:21 +00:00	948529728	1	203.174.83.43	48134	10.113.252.158	8080	TCP	S
> 2007-05-30 10:05:21 +00:00	948529728	1	87.236.92.48	3686	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:22 +00:00	948529728	1	87.236.92.48	29191	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:22 +00:00	948529728	1	87.236.92.48	40896	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:23 +00:00	948529728	1	87.236.92.48	19256	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:23 +00:00	948529728	1	87.236.92.48	28788	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:24 +00:00	948529728	1	87.236.92.48	31135	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:24 +00:00	948529728	1	87.236.92.48	9180	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:25 +00:00	948529728	1	87.236.92.48	48784	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:25 +00:00	948529728	1	195.239.208.2	3859	10.113.253.1	1433	TCP	S
> 2007-05-30 10:05:25 +00:00	948529728	1	87.236.92.48	11667	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:26 +00:00	948529728	1	87.236.92.48	39672	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:26 +00:00	948529728	1	222.190.110.196	22055	10.113.253.122	1433	TCP	S
> 2007-05-30 10:05:26 +00:00	948529728	1	87.236.92.48	1327	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:26 +00:00	948529728	1	203.174.83.43	48525	10.113.252.159	8080	TCP	S
> 2007-05-30 10:05:27 +00:00	948529728	1	87.236.92.48	31230	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:27 +00:00	948529728	1	203.174.83.43	48546	10.113.252.159	8080	TCP	S
> 2007-05-30 10:05:27 +00:00	948529728	1	87.236.92.48	42063	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:28 +00:00	948529728	1	87.236.92.48	61449	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:28 +00:00	948529728	1	84.49.192.77	53676	10.113.253.212	3306	TCP	S
> 2007-05-30 10:05:28 +00:00	948529728	1	195.16.36.75	2339	10.113.254.1	1433	TCP	S
> 2007-05-30 10:05:28 +00:00	948529728	1	87.236.92.48	30938	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:28 +00:00	948529728	1	222.190.110.196	22686	10.113.253.59	1433	TCP	S
> 2007-05-30 10:05:28 +00:00	948529728	1	87.236.92.48	36884	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:29 +00:00	948529728	1	87.236.92.48	53247	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:29 +00:00	948529728	1	24.147.228.14	2166	10.113.253.126	3306	TCP	S
> 2007-05-30 10:05:29 +00:00	948529728	1	195.132.225.103	3558	10.113.254.167	5900	TCP	S
> 2007-05-30 10:05:29 +00:00	948529728	1	195.132.225.103	3571	10.113.254.167	5900	TCP	S
> 2007-05-30 10:05:29 +00:00	948529728	1	87.236.92.48	42300	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:30 +00:00	948529728	1	195.16.36.75	2842	10.113.254.64	1433	TCP	S
> 2007-05-30 10:05:30 +00:00	948529728	1	87.236.92.48	25553	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:30 +00:00	948529728	1	87.236.92.48	39809	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:31 +00:00	948529728	1	195.16.36.75	4911	10.113.254.1	1433	TCP	S
> 2007-05-30 10:05:31 +00:00	948529728	1	87.236.92.48	57702	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:31 +00:00	948529728	1	87.236.92.48	53207	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:32 +00:00	948529728	1	87.236.92.48	34306	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:32 +00:00	948529728	1	203.174.83.43	48928	10.113.252.159	8080	TCP	S
> 2007-05-30 10:05:32 +00:00	948529728	1	87.236.92.48	36852	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:33 +00:00	948529728	1	87.236.92.48	57627	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:33 +00:00	948529728	1	87.236.92.48	5218	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:33 +00:00	948529728	1	24.61.14.56	2263	10.113.254.217	3306	TCP	S
> 2007-05-30 10:05:34 +00:00	948529728	1	87.236.92.48	31773	10.113.252.66	80	TCP	S
> 2007-05-30 10:05:34 +00:00	948529728	1	84.49.192.77	53940	10.113.253.212	3306	TCP	S
> 2007-05-30 10:05:34 +00:00	948529728	1	87.236.92.48	46727	10.113.252.66	80	TCP	S
> 
> 
> 


-- 

http://isc.sans.org         PGP Key: https://secure.dshield.org/PGPKEYS
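
A pre-submission check for the record layout shown in the quoted log, added here as an example and not part of the original thread or of DShield's own code. The field meanings (timestamp with offset, user id, count, source address and port, target address and port, protocol, flags) are inferred from the sample lines and the Subject header above; the function names and the sample data are constructed for illustration.

```python
import ipaddress
import re
from datetime import datetime
# Field meanings below are inferred from the sample lines in the post (assumption).
SUBJECT_RE = re.compile(r"FORMAT DSHIELD USERID (\d+) TZ ([+-]\d{2}:\d{2})")
NUM_RE = re.compile(r"[0-9]{1,9}")

def check_line(line, userid, tz):
    """Return the problems found in one tab-separated record ([] if clean)."""
    fields = line.rstrip("\r\n").split("\t")
    if len(fields) != 9:
        return [f"expected 9 tab-separated fields, got {len(fields)}"]
    stamp, uid, count, src, sport, dst, dport, _proto, _flags = fields
    problems = []
    try:
        datetime.strptime(stamp[:19], "%Y-%m-%d %H:%M:%S")
    except ValueError:
        problems.append("bad timestamp")
    if stamp[19:] != " " + tz:
        problems.append("time zone differs from Subject")
    if uid != userid:
        problems.append("user id differs from Subject")
    if not (NUM_RE.fullmatch(count) and int(count) > 0):
        problems.append("count is not a positive integer")
    for name, value in (("source", src), ("target", dst)):
        try:
            ipaddress.IPv4Address(value)
        except ValueError:
            problems.append(f"bad {name} address")
    for name, value in (("source", sport), ("target", dport)):
        if not (NUM_RE.fullmatch(value) and int(value) <= 65535):
            problems.append(f"bad {name} port")
    return problems

def check_report(subject, body):  # 1-based non-blank line number -> problems
    m = SUBJECT_RE.search(subject)
    if not m:
        return {0: ["Subject lacks FORMAT DSHIELD USERID <n> TZ <offset>"]}
    userid, tz = m.groups()
    lines = [l for l in body.splitlines() if l.strip()]
    return {n: p for n, l in enumerate(lines, 1) if (p := check_line(l, userid, tz))}

# Constructed sample (documentation addresses, made-up user id), not from the post.
SUBJECT = "FORMAT DSHIELD USERID 12345 TZ +00:00 VERSION example-client"
BODY = (
    "2007-05-30 10:05:03 +00:00\t12345\t1\t192.0.2.10\t37236\t198.51.100.66\t80\tTCP\tS\n"
    "2007-05-30 10:05:04 +02:00\t12345\t1\t192.0.2.11\t70000\t198.51.100.1\t1433\tTCP\tS\n"
    "2007-05-30 10:05:05 +00:00 12345 1 192.0.2.12 4615 198.51.100.64 1433 TCP S\n"
)
```

The third constructed record uses spaces instead of tabs, the kind of slip a hand-written parser makes when its output is pasted through a mail client.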
