Groups
Conversations
All groups and messages
Send feedback to Google
Help
Sign in
Groups
SANS Internet Storm Center / DShield
Conversations
About
SANS Internet Storm Center / DShield
Contact owners and managers
1–30 of 71
Mark all as read
Report abusive group
0 selected
c...@ruxcon.org.au
5/6/14
Breakpoint 2014 Call For Presentations
Breakpoint 2014 Call For Papers Melbourne, Australia, October 8th-9th Intercontinental Rialto http://
unread,
Breakpoint 2014 Call For Presentations
Breakpoint 2014 Call For Papers Melbourne, Australia, October 8th-9th Intercontinental Rialto http://
5/6/14
Apoorv Sharma
,
HAREN BHATT
3
3/12/14
Help on open source SIEM tool ???
Thanks Haren will work on it. On Tuesday, 11 March 2014 12:23:43 UTC+5:30, Apoorv Sharma wrote:
unread,
Help on open source SIEM tool ???
Thanks Haren will work on it. On Tuesday, 11 March 2014 12:23:43 UTC+5:30, Apoorv Sharma wrote:
3/12/14
Rob Janssen
, …
Johannes B. Ullrich Ph.D.
7
3/11/14
Help on the ISC API
And now I can "confirm officially": works for me :-) On Sat, Mar 8, 2014 at 12:19 PM,
unread,
Help on the ISC API
And now I can "confirm officially": works for me :-) On Sat, Mar 8, 2014 at 12:19 PM,
3/11/14
Andrew Willy
10/31/13
DShield Ghost Story
Many years ago I was subscriber to this list (or a former incarnation of this list.) Someone posted a
unread,
DShield Ghost Story
Many years ago I was subscriber to this list (or a former incarnation of this list.) Someone posted a
10/31/13
Péter Gervai
, …
Daz B
5
10/24/13
36088.info, 05930.info and other funny domains - accessed by thousands of hosts - botnet c&c?
Bumping the thread... I'm also seeing the same activity on resolvers I manage. The volumes of
unread,
36088.info, 05930.info and other funny domains - accessed by thousands of hosts - botnet c&c?
Bumping the thread... I'm also seeing the same activity on resolvers I manage. The volumes of
10/24/13
Adam Spiers
, …
Tom Byrnes
3
9/17/13
need decent documentation for fail2ban / dshield integration
I disagree. Denyhosts is a very effective datasource for blocking. Fail2ban works the same way, but
unread,
need decent documentation for fail2ban / dshield integration
I disagree. Denyhosts is a very effective datasource for blocking. Fail2ban works the same way, but
9/17/13
Jeremy Shelley
, …
BioChem Admin
9
9/16/13
Anybody else seeing a surge in exploit attempts from Iran?
We have a large number of them too? On Wednesday, October 10, 2012 6:59:47 AM UTC-5, Jeremy Shelley
unread,
Anybody else seeing a surge in exploit attempts from Iran?
We have a large number of them too? On Wednesday, October 10, 2012 6:59:47 AM UTC-5, Jeremy Shelley
9/16/13
Michael
, …
Johannes B. Ullrich Ph.D.
4
9/13/13
Visited website hacked by Syrian Electronic Army--What to do next?
Dear Dr. Ullrich: My apologies. Now that I know the proper formatting, I will keep it in mind. (It
unread,
Visited website hacked by Syrian Electronic Army--What to do next?
Dear Dr. Ullrich: My apologies. Now that I know the proper formatting, I will keep it in mind. (It
9/13/13
c...@ruxcon.org.au
5/7/13
Ruxcon 2013 Call For Papers
Ruxcon 2013 Call For Presentations Melbourne, Australia, October 26th-27th CQ Function Centre http://
unread,
Ruxcon 2013 Call For Papers
Ruxcon 2013 Call For Presentations Melbourne, Australia, October 26th-27th CQ Function Centre http://
5/7/13
Scott G
, …
Adam Corbally
11
5/6/13
80legs spider is abusive
Found an entry that can be added to the sites .htaccess file to mave every request from the bot throw
unread,
80legs spider is abusive
Found an entry that can be added to the sites .htaccess file to mave every request from the bot throw
5/6/13
c...@ruxcon.org.au
4/30/13
Breakpoint 2013 Call For Papers
Breakpoint 2013 Call For Papers Melbourne, Australia, October 24th-25th Intercontinental Rialto http:
unread,
Breakpoint 2013 Call For Papers
Breakpoint 2013 Call For Papers Melbourne, Australia, October 24th-25th Intercontinental Rialto http:
4/30/13
Phillip Smith
,
HAREN BHATT
3
4/10/13
Re: ISC# [2560154] 17.172.232.153.5223 MNDNNN
On 10 April 2013 22:45, HAREN BHATT <hcb...@gmail.com> wrote: Even is am seeing outbound
unread,
Re: ISC# [2560154] 17.172.232.153.5223 MNDNNN
On 10 April 2013 22:45, HAREN BHATT <hcb...@gmail.com> wrote: Even is am seeing outbound
4/10/13
Brad
, …
Kerns, Jim
13
3/28/13
TCP Null Scans
Today should be quiet on our network, (everyone is off for a long weekend), I will capture some data
unread,
TCP Null Scans
Today should be quiet on our network, (everyone is off for a long weekend), I will capture some data
3/28/13
Yinette
, …
Rukmani Bhagat
4
3/1/13
RDP Brute-force attacks that don't actually attempt a logon.
Hi everyone, can someone help me show to implement remote login with group force attack please let me
unread,
RDP Brute-force attacks that don't actually attempt a logon.
Hi everyone, can someone help me show to implement remote login with group force attack please let me
3/1/13
Lance Lassetter
, …
Becky Levenhagen
5
1/28/13
ATT UVERSE down, why?
Could be uverse has no idea what bgr's to trust which makes healthy networking possible. On Jan
unread,
ATT UVERSE down, why?
Could be uverse has no idea what bgr's to trust which makes healthy networking possible. On Jan
1/28/13
Zijyfe Duufop
, …
Carrots
8
1/22/13
Strange piece of spam
The X-EIP header is an encoded version of the X-Origin header, I don't actually know what the
unread,
Strange piece of spam
The X-EIP header is an encoded version of the X-Origin header, I don't actually know what the
1/22/13
Shaun
,
Tom Byrnes
3
1/7/13
177.69.238.15
I added this IP to the ThreatSTOP emergency feed this AM, on the assumption it will wind up in
unread,
177.69.238.15
I added this IP to the ThreatSTOP emergency feed this AM, on the assumption it will wind up in
1/7/13
Freek
,
Johannes Ullrich
2
9/17/12
Reporting abuse from firewall logs about IPv6 addresses
we are working on it. expect it before the end of the year. On Sep 17, 2012, at 1:07 AM, Freek <f.
unread,
Reporting abuse from firewall logs about IPv6 addresses
we are working on it. expect it before the end of the year. On Sep 17, 2012, at 1:07 AM, Freek <f.
9/17/12
Blake Rich
6/21/12
?redir= in GET request
Good Morning, I've been seeing the following types of requests for a month or two now. It is
unread,
?redir= in GET request
Good Morning, I've been seeing the following types of requests for a month or two now. It is
6/21/12
HoneyBadger
, …
Shaun O'Leary
12
5/24/12
Internet Browsing on Server Subnets
We are moving towards that, having aa specific team or more likely a small subset of SysAdmins being
unread,
Internet Browsing on Server Subnets
We are moving towards that, having aa specific team or more likely a small subset of SysAdmins being
5/24/12
c...@ruxcon.org.au
5/10/12
Breakpoint 2012 Call For Papers
_________/_ _ _ _\________ \ / _______\ \__/_ _ _ _ _ _/_________/_ _ _/ __/_______/ \\ __/
unread,
Breakpoint 2012 Call For Papers
_________/_ _ _ _\________ \ / _______\ \__/_ _ _ _ _ _/_________/_ _ _/ __/_______/ \\ __/
5/10/12
saini
,
Adam Swanger
2
2/24/12
Help regarding information available at Storm Centre
Thanks for your interest in ISC data. 1. Please let me know the meaning of the "Reports"
unread,
Help regarding information available at Storm Centre
Thanks for your interest in ISC data. 1. Please let me know the meaning of the "Reports"
2/24/12
Qais Qassim
1/28/12
Please help with this survey
http://www.surveymonkey.com/s/BCS6XQZ
unread,
Please help with this survey
http://www.surveymonkey.com/s/BCS6XQZ
1/28/12
Hadi Asghari
1/6/12
Detecting false positives from malicious sources in DShield data
Hello everyone, Our research group uses the DShield data to look at patterns of botnet activity -
unread,
Detecting false positives from malicious sources in DShield data
Hello everyone, Our research group uses the DShield data to look at patterns of botnet activity -
1/6/12
Robert Stangarone
1/6/12
SMTP server exploits uptick
Anyone out there seeing a bit more than normal of this from their Snort sensors: [1:19708:2] SMTP
unread,
SMTP server exploits uptick
Anyone out there seeing a bit more than normal of this from their Snort sensors: [1:19708:2] SMTP
1/6/12
Joachim Kainz
12/31/11
node.js client for 404project
There is a new client for the very awesome 404project. It works with Node.js. The code is available
unread,
node.js client for 404project
There is a new client for the very awesome 404project. It works with Node.js. The code is available
12/31/11
Bob Stangarone
, …
Ray S
3
12/13/11
anyone else seeing an uptick in php attacks related to CVE-2010-2122
I also have seen an increase in awstats attempts during last week seems to have gone back to normal
unread,
anyone else seeing an uptick in php attacks related to CVE-2010-2122
I also have seen an increase in awstats attempts during last week seems to have gone back to normal
12/13/11
Michael
, …
Hayes, Virgil
13
11/3/11
Proper response to web browser security warning (newbie)
Hi again, I just wanted to make a few quick points: (1) Thanks everyone for your help! It's
unread,
Proper response to web browser security warning (newbie)
Hi again, I just wanted to make a few quick points: (1) Thanks everyone for your help! It's
11/3/11
Torrance
, …
The Carrots
5
7/19/11
Websites Blocked by US Military
Hello the only correlation between the sites that I can think of is they are all rightish,
unread,
Websites Blocked by US Military
Hello the only correlation between the sites that I can think of is they are all rightish,
7/19/11
c...@ruxcon.org.au
5/17/11
Ruxcon 2011 Call For Papers
Ruxcon 2011 Call For Papers The Ruxcon team is pleased to announce the call for papers for the
unread,
Ruxcon 2011 Call For Papers
Ruxcon 2011 Call For Papers The Ruxcon team is pleased to announce the call for papers for the
5/17/11