Has anyone created an RBL, much like (possibly) the BOGON list which includes
the IP addresses of hosts which seem to be "infected" and are attempting to
brute-force SSH/HTTP, etc?
It would be fairly
easy to setup a dozen or more honeypots and examine the logs in order to create
an initial list.
Anyone know of
anything like this?
-Drew