'RE: DShield.org Recommended Block List'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       security-basics
Subject:    RE: DShield.org Recommended Block List
From:       "Ken Kousky" <kkousky () ip3inc ! com>
Date:       2003-04-29 0:23:57
[Download RAW message or body]


We showcase this site to clients and promote it but I think you'll still
have to manually supervise the blocked site list.

Key issue here is to make sure you don't post mega proxy ip addresses to
your ACLs and block a lot of your market ... which means you need to
apply a manual review of what you're posting. 

Also, an exploit of a legitimate site might knock out legit clients. It
wasn't that long ago that ISC2 was hijacked which placed them on a lot
of blocked lists.

KWK

-----Original Message-----
From: Bob Kelley [mailto:b0bk3ll3yjr@adelphia.net] 
Sent: Friday, April 25, 2003 1:27 AM
To: security-basics@securityfocus.com
Subject: DShield.org Recommended Block List



I am looking for some feedback on using the dshield recommended block
list 
on my screening router which sits in front of my firewall.  Those who
wish 
to respond...Do you find it helpful/beneficial/essential?  Also, what 
methods are you using to keep the associated access-list up to date?  Is

this a purely manual process?  Do you do this daily, weekly ?
Thanks...Bob

------------------------------------------------------------------------
---
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam,
the 
world's premier event for IT and network security experts.  The two-day 
Training features 6 hand-on courses on May 12-13 taught by
professionals.  
The two-day Briefings on May 14-15 features 24 top speakers with no
vendor 
sales pitches.  Deadline for the best rates is April 25.  Register today
to 
ensure your place.
http://www.securityfocus.com/BlackHat-security-basics 
------------------------------------------------------------------------
----


---------------------------------------------------------------------------
FastTrain has your solution for a great CISSP Boot Camp. The industry's most 
recognized corporate security certification track, provides a comprehensive 
prospectus based upon the core principle concepts of security. This ALL INCLUSIVE \
curriculum utilizes lectures, case studies and true hands-on utilization  of \
pertinent security tools. For a limited time you can enter for a chance  to win one \
of the latest technological innovations, the SEGWAY HT.  Log onto \
                http://www.securityfocus.com/FastTrain-security-basics 
----------------------------------------------------------------------------


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic