Monday, November 29, 2010

Internet Storm Center Diary

Internet Storm Center Diary

Sans Handler Daily Diary

The ISC was created in 2001 following the successful detection, analysis, and widespread warning of the Li0n worm. Today, the ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers.


Participating with the Internet Storm Center

The ISC uses the DShield distributed intrusion detection system for data collection and analysis. DShield collects data about malicious activity from across the Internet. This data is cataloged and summarized and can be used to discover trends in activity, confirm widespread attacks, or assist in preparing better firewall rules.
Currently the system is tailored to process outputs of simple packet filters. As firewall systems that produce easy to parse packet filter logs are now available for most operating systems, this data can be submitted and used without much effort.
DShield is a free service sponsored by the SANS Institute for the benefit of all Internet users. Participants may sign up for DShield at