- DShield is interested in the home user. Logs from your routers give them a much broader view of what's going on than logs from a large organization.
- When you turn in your logs, please sanitize them. Replace the first octet with "10".
- The INFOCon alert status is available as an RSS feed (I still have to find it).
The BOF was very interesting. I came away from it with a couple ideas to work on. One of those is coming up with a script, to run on those modified 54G's that many of us have, so that the router logs can be turned in once per hour (as Johannes requested). Another is to investigate how the black hats are employing IPv6 as a covert channel.
Should keep me busy for awhile....