[nsp-sec] Google asking for some help
Chris Morrow
morrowc at ops-netman.net
Mon Oct 19 16:59:41 EDT 2009
Hey, nothing super critical but at the SP Security BoF at nanog today we
(google) had a presentation by Ian Fette essentially asking for folks to
help us better find malware (crawling for malware). We currently crawl for
this sort of thing from AS15169 sources, bad-folk have noticed this and
started sending us 'good content' not 'what granny gets sent'.
Ian's crew would like to be able to send a box or two to a few other
providers, have them hosted 'somewhere' and given address space from
'customer allocations'. Ideally the addresses could be changed over time
as well, something like 1/month or whatever works out easiest for the
hosting entity. Currently the gear looks like it'll be a 1950/1850 dell 1U
box, 1 or 2 per location, and would generate <5mbps averaging around
1mbps normally.
I believe, and I'm pushing for, the plan is to offer whatever data is
discovered to the participating entities. I'm not sure what format that
data would be made available in (xml, csv, http-get/queryable content...)
certainly some ideas in that vein would be accepted :)
If anyone's interested please hit me up off-list (or pmoody of course).
thanks!
-Chris
More information about the nsp-security
mailing list