Check if addresses from AS in a black list
- From: "Gleb Paharenko" <gpaharenko@xxxxxxxxx>
- Date: Sun, 13 Apr 2008 21:18:10 +0300
Hi.
The presence of some address of organization external IP's in spam,
virus or other malicious black lists could be the clue about possible
security compromise and consequent information leakage from an
organization. In my opinion monitoring of such lists could be the part
of regular process for company's security team. Please, could you
share your opinions and interfaces (even payed) to perform such a
check. To make long short:
- We have a AS range xxx.xxx.xxx.xxx-yyy.yyy.yyy.yyy.
- We need to check if some of the address space is in black lists (RBL's, etc.)
P.S. The brute force way to check every address is possible but the
latest way, I'm looking for more elegant (cheaper and reliable)
solutions.
--
Best regards.
Gleb Pakharenko.
http://gpaharenko.livejournal.com
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
- Follow-Ups:
- Re: Check if addresses from AS in a black list
- From: Trygve Aasheim
- Re: Check if addresses from AS in a black list
- Prev by Date: Re: Re: Microsoft RDP Priv. Escalation
- Next by Date: RE: get MD5-Hash from /etc/shadow file
- Previous by thread: DEF CON 16 Retro Announcement! Back to Bang!
- Next by thread: Re: Check if addresses from AS in a black list
- Index(es):
