DShield.org is an attempt to collect data about cracker activity from all over the internet. This data will be cataloged and summarized. It can be used to discover trends in activity and prepare better firewall rules. Right now, the system is tailored to simple packet filters. As firewall systems that produce easy to parse packet filter logs are now available for most operating systems, this data can be submitted and used without much effort. More complex patterns, such as are used by application level firewalls may be handled in the future. The graphical banner showing the top attacker and top port is displayed on Internet Alerts Subject Tracerâ„¢ Information Blog.
posted by Marcus Zillman |
4:00 AM