[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] blocking sinkholes and honeypots

Anyone know about this and how to block it? usually there is a dst_ip field but not in this case....

infection => 'bots', subtype => 'dorkbot', port => 'tor-node', naics => '518210', public_source => 'AnubisNetworks', asn => '209', tag => 'sinkhole', sector => 'Communications', family => 'dorkbot', sic => '737415', sourceSummary => 'Drone Report'


tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to