SPEWS is an excellent example of why trusting strangers on the Internet that you can't even communicate with doesn't work.
danno -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Nick Guenther Sent: Friday, December 07, 2007 11:13 PM To: OpenBSD-Misc Subject: Re: rouge IPs / user See, that requires trusting the other 'security experts' are actually being honest and working for each others benefit... but that system isn't secure, how do you distinguish 'security expert' from 'infiltrator'? You *must* have decentralized systems/methods for this. There's no way to combine data together, the best you can do is share techniques which you can verify with your own logic -- except for blacklists like SPEWS, and even then there are all sorts of politics and troubles. -Nick
