15 Feb
2007
15 Feb
'07
11:30 a.m.
Has anyone created an RBL, much like (possibly) the BOGON list which includes the IP addresses of hosts which seem to be "infected" and are attempting to brute-force SSH/HTTP, etc? It would be fairly easy to setup a dozen or more honeypots and examine the logs in order to create an initial list. Anyone know of anything like this? -Drew