About Deny List
Security is all and InfoSec is more important than past. Deny List is a project to prevent systems from any security threat. Especially focused on DDoS attacks, spamming and certainly Spoofing attacks. We have an idea for make a new attack detection system by synced deny list from our nods. Our network even can be more usable on fast reaction on critical times. Nodes can register voluntary and choose the rang of sharing data.
Distributed DoS attack. A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example, a botnet) flooding the targeted system with traffic.
Typical targets of DoS attacks include all kinds of (prominent or not so prominent) sites or services such as financial and banking institutions, online e-commerce establishments, news & media sites, online gaming communities, the public sector, and lately, even entire countries.
We know there is absolutely no way to fight DDoS attacks. However with employing high-capacity, stable and secure internet channels, specialized software solutions and distributed hardware equipment can help to defend.
Thus, the problem of fighting DDoS attacks is usually not readily solvable for small and medium sized businesses. So here Deny List idea created. help together to prevent from DDos attaks.
Deny List set the risk rate for any IP submitted from our nodes. SysAdmins can configure the custom restrict rate on their servers by using our lists. it's simple, clear and online. Not just block many Ip list or block by country. it's let you to have ready status before attak.
A spoofing attack is when a malicious party impersonates another device or user on a network in order to launch attacks against network hosts, steal data, spread malware or bypass access controls. There are several different types of spoofing attacks that malicious parties can use to accomplish this.
IP spoofing is a default feature in most DDoS malware kits and attack scripts, making it a part of most network layer distributed denial of service DDoS attacks. Spoofing creates a danger when hosts on the LAN permit access to their resources and services to trusted hosts by checking the source IP of the packets. Using spoofing, an intruder can fake the source address of his packets and make them look like they originated on the trusted hosts.
The basic idea of anti-spoofing protection is to create a firewall rule assigned to the external interface of the firewall that examines source address of all packets crossing that interface coming from outside. If the address belongs to the internal network or the firewall itself, the packet is dropped. But it's not all, there are most powerful methods like SAASM and others however here we have to improve the idea on defending spoofing.
We are not only new DBL or RBL. We have very creative idea for detect the spam activities in shared hosting. Our solution is useful for both side (sender and receiver). Hosting managers simply find the wrongdoer accounts in their servers. Also we planned to design a new restricted (and tag) system for mail inboxes to filter spams.
Basic security topics
Scientific approach on security help us to better understand how can detect the attacks. Here on Deny List we have knowledge base and we work on keep that up to date.
Also we have a little try on making products for end user (web clientes) not as node but it's completely relevant to our focused topics. Linux and Microsoft users all are contained. This aim is really big but we will do step by step.