Dan Hollis wrote:
The BL wouldnt try to block floods or DoS attacks. Its aim is to block sites which originate breakins.
If break-ins is what you're trying to avoid, a blacklist would be a terrible idea. The proper way to prevent break-ins is not to block communications with certain sites, but to fix broken software and poorly configured systems so that any break-in attempts will be unsuccessful. A blacklist would only encourage your would-be attacker to employ additional intermediaries, thereby potentially causing more damage for more people while making the ultimate source more difficult to trace. It would also give operators a false sense of security, an attitude which could lead to thoughtless setups acting as havens for the very break-ins your proposed blacklist is intended to combat. Mark -- Do not reply directly to this e-mail address -- Mark Mentovai UNIX Engineer Gillette Global Network