On Thursday 01 February 2007 09:25, Bob Beck wrote: > Yeah, probably time to retire spews, they aren't going > to fix it. > > Aside from my traplist (which I'll add) anyone have > any suggestions for useful addtions when I commit this? I seldom > use exernally maintained blacklists anymore :) > > -Bob
<disclaimer> I'm not mail server admin and can not even play one on TV. </disclaimer> I don't know what you're currently using for lists but the following are some of the "questionable activity" type block list (i.e. a politically correct way to dodge the issue of compromised hosts being used for attacks but owned by legit companies) http://www.projecthoneypot.org/ These guys are working with sans and supposedly have a block list, but I've been unable to find said list. http://www.dshield.org I'm not sure if this new list is up yet... http://security.itworld.com/4357/nlssecurity070116/page_1.html http://blogs.securiteam.com/index.php?s=honeynet I hope it helps... -jcr -- cd ~. -Almost Home
