[nsp-sec] Team Cymru services
Hank Nussbacher
hank at efes.iucc.ac.il
Thu Apr 20 13:09:05 EDT 2017
On 20/04/2017 19:29, Dave Monnier wrote:
> Hello Hank,
>
> It’s good to hear from you. I hope you’re doing well and enjoyed the Passover holiday with friends and family!
Thanks! After having my 7 grandkids tear apart the house, it is time to
get back to work :-)
> A question for the community: What would make it easier to submit new entries to the DDoSRS for everyone? I ask because we’ve been the sole data contributor to the service for the last five or six years. While we used to receive requests to have C2 added, we haven’t received one in a very, very, long time. Like anything else community-based, it takes a community effort for things like this to succeed. We’re keen to know how we can help all of you help us in helping the community.
I can say that I never knew there was an option to add C2s to your feed. It would be great if there was a way to add in commercial security companies that post their monthly blog/PDF "I found an APTxx" (insert here PaloAlto, Kaspersky, Trendmicro, Fortinet, Clearsky, Checkpoint, etc.) where at the end they list a bunch of verified C2s. Right now, we all have to do it by hand and verify the lists and "age" them on our own. That is why a centrally managed BGP "badness" feed w/ auto-aging would be something we all could use and perhaps even pay for.
Thanks,
Hank
More information about the nsp-security
mailing list