What Are Source Address Blacklists?
There are two common practices in formulating a blacklist. Sites such as DShield.org compile global worst offender lists (GWOLs) of the most prolific attack sources, and regularly post firewall-parsable filters of these lists to help the Internet community fight back. Another common practice is for a local network to create its own local worst offender list (LWOL) of those sites that have attacked it the most. LWOLs capture repeat offenders, which are indeed more likely to return to the local site in the future, but they are only reactive to new encounters with previously unseen attackers. On the other hand, while a GWOL has the potential to inform a local network of highly prolific attackers, it also has the potential to provide a subscriber with a list of addresses that will simply never be encountered.

Highly Predictive Blacklists (HPBs) represent a radically different approach to blacklist formulation. HPBs are derived uniquely per DShield contributor, and rank the attac