[nsp-sec] Team Cymru services
Dave Monnier
dmonnier at cymru.com
Thu Apr 20 13:34:15 EDT 2017
Hello Hank,
We’re very happy to manage that system and process. We have aging and poling mechanisms already in place for the DDoSRS. We’ll see what others say and can work to come up with something together.
Thanks!
-Dave
---
Dave Monnier
Team Cymru Fellow
https://www.team-cymru.org/
PGP: https://www.cymru.com/dmonnier/0x7C1AAE55_pub.asc
> On Apr 20, 2017, at 1:09 PM, Hank Nussbacher <hank at efes.iucc.ac.il> wrote:
>
> On 20/04/2017 19:29, Dave Monnier wrote:
>> Hello Hank,
>>
>> It’s good to hear from you. I hope you’re doing well and enjoyed the Passover holiday with friends and family!
> Thanks! After having my 7 grandkids tear apart the house, it is time to
> get back to work :-)
>> A question for the community: What would make it easier to submit new entries to the DDoSRS for everyone? I ask because we’ve been the sole data contributor to the service for the last five or six years. While we used to receive requests to have C2 added, we haven’t received one in a very, very, long time. Like anything else community-based, it takes a community effort for things like this to succeed. We’re keen to know how we can help all of you help us in helping the community.
>
> I can say that I never knew there was an option to add C2s to your feed. It would be great if there was a way to add in commercial security companies that post their monthly blog/PDF "I found an APTxx" (insert here PaloAlto, Kaspersky, Trendmicro, Fortinet, Clearsky, Checkpoint, etc.) where at the end they list a bunch of verified C2s. Right now, we all have to do it by hand and verify the lists and "age" them on our own. That is why a centrally managed BGP "badness" feed w/ auto-aging would be something we all could use and perhaps even pay for.
>
> Thanks,
> Hank
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 163 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://puck.nether.net/mailman/private/nsp-security/attachments/20170420/df7427a7/attachment.sig>
More information about the nsp-security
mailing list