DShield
DShield is a community-based collaborative firewall log correlation system. It receives logs from volunteers worldwide and uses them to analyze attack trends. It is used as the data collection engine behind the SANS Internet Storm Center (ISC). It was officially launched at the end of November 2000 by Johannes Ullrich. Since then, it has grown to be a dominant attack correlation engine with worldwide coverage.

DShield is regularly used by the media to cover current events. Analysis provided by DShield has been used in the early detection of several worms, like "Ramen", Code Red, "Leaves", "SQL Snake" and more. DShield data is regularly used by researchers to analyze attack patterns.

The goal of the DShield project is to give the public access to its correlated information at no charge, in order to raise awareness and provide accurate and current snapshots of internet attacks. Several data feeds are provided to users, either to include in their own web sites or to use as an aid in analyzing events.

The source of this article is Wikipedia, the free encyclopedia. The text of this article is licensed under the GFDL.