There are a number
of public network attacker threat feeds available, the most well know of which,
AFAIK, is the Internet Storm Center's DShield system. I know a few network
operators, including at least one on this list, also run private versions of the
DShield system.
Are there many
others?
Do any or most
network operators have some sort of private current block list that gets pushed
out to routers and or firewalls/traffic shapers in real
time?
I'm the CTO and
founder of ThreatSTOP (www.threatstop.com), and we're currently
propagating the DShield, and some other, block lists for use in firewalls. I'm
interested in gathering additional threat information, and serving additional
communities.
Is there any
interest in a collaborative platform where anonymized candidates for blocking
would be submitted by a trusted group, and then propagated out to the whole
group?
I'd be happy to
collect responses anonymously and submit a summary back to the list, if people
don't want to open this up on the list.