Follow Slashdot stories on Twitter


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Submission + - Get alerted if your IP appears on a security threat list (

An anonymous reader writes: After suffering through an adventure of trying to ingest threat lists, we built to make it easy to get an email alert if an ip address appears on a public threat intelligence list. At this point, the lists cover 600M+ ip addresses listed as threats. The lists are updated daily. There is an API if you’d like to use in a DevOps context (i.e. periodically check if a your servers/containers are running on IP addresses appearing on threat lists, check if a website visitor is coming from a suspect IP).

Comment LifeEnsured ftw (Score 1) 402

I run a company that exist for the explicit purpose of preventing these kinds of issues when someone passes away. We've got several happy customers, are backed by an irrevocable trust and get a feed of people who have passed away from the social security administration (in addition to letting people select someone to verify that they have passed away)

We've also put together where we reviewed all of the privacy policies for major sites and pulled out the processes they require if someone passes away. We also had a lawyer pull relevant laws which you can use to help get access to things from internet companies if you are having trouble.

For the security minded. When we take a password, it is encrypted with a 2048 bit public key. The private key is stored offline. We only decrepit passwords when we have verified one of our clients has passed away and the process involves a human who has undergone a background check.

Comment Be a doctor, not a cop. (Score 1) 363

I work in IT security for a large financial firm. We've spent a good amount of time convincing the development community and the business that security is THEIR responsibility and have built processes to reinforce this (i.e. if folks want to do truly risky things, we can make them go get signoff from senior management). With check in place, I feel we take the approach of "doctors" for applications/architectures.

Dev team is building a new architecture to trade with an exchange? They ask us to review their architecture before they build (sort of like a checkup before going to climb a very dangerous Mt. Everest).

User accidentally e-mails confidential information to the wrong counterparty? We help them work with legal to get things cleared up, give training on appropriate data handling and add client controls to their outlook. (I.e. tell a kid not to run with scissors, take away the scissors and put band aids on the wounds)

In this light, I feel I'm proactively helping folks and treating those who have run intro trouble. Security folks are able to have a broad view of the solutions available to common problems (even outside of security) and teams get value out of this. I've even had folks say (and mean) thanks after meetings that involved them totally re-architecting their application. With the right approach, you can be more than a roadblock...

Slashdot Top Deals

In a consumer society there are inevitably two kinds of slaves: the prisoners of addiction and the prisoners of envy.