Firewalls: Re: Hacker's Site list

Firewalls
(August 1994)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Hacker's Site list
From:	Fred Blonder <fred @ nasirc . hq . nasa . gov>
Date:	Thu, 25 Aug 1994 11:18:53 -0400
To:	bonomi @ delta . eecs . nwu . edu (Robert Bonomi)
Cc:	firewalls @ greatcircle . com, fred @ nasirc . hq . nasa . gov
In-reply-to:	Your message of "Wed, 24 Aug 1994 21:28:10 CDT." <9408250228 . AA18329 @ delta . eecs . nwu . edu>

	From: bonomi @
 delta .
 eecs .
 nwu .
 edu (Robert Bonomi)

		From: ericw @
 fx .
 com (Eric Wedaa)

		I would like to suggest . . .  A site gets put on the
		list once it is reported to the list maintainer by root
		at a site.

		A site, once on the list, stays on the list until that
		site is off the net.  This is why the date field
		exists.

	I _don't_ like this part of the idea.  How about 'number of
	incidents in last 3 mo.', 'number of incidents in last 6 mo.',
	'number of incidents in last year', and a site drops of the
	list when there have been reports from less than two different
	sites in the last year.

A major factor in  how quickly a site expires from the list should be:
degree of cooperation you get from the sysadmin when a problem is
reported.

Furthermore: what's to keep a corrupt site from making bogus 'nuisance'
reports to the list maintainer?
-----
Fred Blonder		fred @
 nasirc .
 hq .
 nasa .
 gov

Hughes STX Corp.	(301) 441-4079
7701 Greenbelt Rd.
Greenbelt, Md.  20770

References:

Re: Hacker's Site list
From: bonomi @ delta . eecs . nwu . edu (Robert Bonomi)

Indexed By Date	Previous:	Re: Questions for firewall users From: ian @ sq . com
Indexed By Date	Next:	RS/6000 Routing Troubles From: THE GAR <GLWARNER%SAMFORD . BITNET @ uga . cc . uga . edu>
Indexed By Thread	Previous:	Re: Hacker's Site list From: Henry Kilmer <hank @ uunet . uu . net>
Indexed By Thread	Next:	Re: Hacker's Site list From: doug @ goodall . goodall . com