It would be useful if these sites allowed you to query them
with CIDR ranges to
see if your site had originated any traffic that triggered
their sensor arrays. The
IDS community never seems to have wrapped its collective head
around routing
information. Looking up single IP addrs is just cosmetic. A
real service would
allow for concerned sites to check their entire address
allocations.
The solution we have takes a massive amount of data
munging of a routing
table and is still experimental, but until attacks can be
mapped to meaningful Internet
topographical information, the real value of these
distributed IDS efforts cannot be fully
exploited.
I can forsee the argument that people shouldn't be able to
look up other sites
which might be compromised, but if they are really so
concerned, they should
get their sites patched.