Skip to page content or Skip to Accesskey List.

Work

Main Page Content

Share Intrusion Information On Dshield Org

Posted on 08 Dec 2000

in News

by Wolfgang Bromberger (wolf)

Rated 3.89 (Ratings: 0)

Want more?

  • More articles in News
 
Picture of wolf

Wolfgang Bromberger

Member info

User since: 14 Dec 1998

Articles written: 34

We all know the problem, small scale to large scale, from home to big sites, from script kiddie to brilliant hacker or cracker, people trying to enter your systems without being allowed to, to put it mildly.

There are different ways of protection, we know.

But most times the problem is, what should one do with all the data that firewalls summon?

If you are not the type "dark revenger", most times you try to contact some other admins, if you have time to report, as police or other investigation is not always an option or longed for, but not with much response.

Johannes Ulrich was also reporting, till out of the frustration about no response or reaction, he founded DShield.org, Distributed Intrusion Detection System.

From DShield.org:

DShield.org:

"DShield.org is an attempt to collect data about hacker activity from all over the internet.

This data will be cataloged and summarized. It can be used to discover trends in activity and prepare better firewall rules.

Right now, the system is tailored to simple packet filters. As firewall systems that produce easy to parse packet filter logs are now available for most operating systems, this data can be submitted and used without much effort.

More complex patterns, like they are used by application level firewalls may be handled in the future."

DShield accepts firewall logs in the formats Kernel packet logs as generated by Linux 2.2.x and ipchains (KERNEL), ZoneAlarm Logs (ZONEALARM) and

DShield Format (DSHIELD).

The public service / experiment is rather new, but maybe it can help in the future, time will tell.

Wolfgang .wolf Bromberger has been around online since 1996. He started to get into web design after he and some other students developed a concept for the online presence of their home town, Salzburg in Austria, a site Bill Gates used years later as a good example of e-government (as still not nearly all points of the concept have been made reality, .wolf disagrees).
Being interested in search engines and information systems, .wolf specialized in search engine optimization, online promotion and analysis.
.wolf was one of the founding fathers of evolt.org
He is working for Kreiseder.com and can also be reached there.
He is always interested in learning new programming or other web related skills, when time permits.

The access keys for this page are: ALT (Control on a Mac) plus:

evolt.org Evolt.org is an all-volunteer resource for web developers made up of a discussion list, a browser archive, and member-submitted articles. This article is the property of its author, please do not redistribute or use elsewhere without checking with the author.