1) What is REACT?
REACT is a security monitoring service designed to track botnets and harmful incidents threatening critial networks. The service alerts you to security breaches happening in real time on your network so you can stop problems as soon as they start. Learn More: [Services] [Technology]
2) What's included in the service?
The service includes a web-application, CSV downloadable data files, real-time alerts via email, graphs, charts, trend tracking, and summary reports.
3) Where's the data come from?
We operate our own large scale network of spamtraps, honeypots, probes, and crawlers that collect data on abusive hosts and suspicious network traffic. We also gather information from BGP tables, RIR's and other registration databases. On top of this we aggregate data from over 130 partner sources of traffic data to nail security incidents as soon as they strike.
4) What's in the data?
Origin IP Address, Timestamp, and type of abuse for every incident. For incidents caught in our primary traps, often times full email header and body information, or other botnet command information is available. We track many different kinds of abuse and suspicious hosts including spam, viruses, worms, denial of service attacks, insecure web servers, open proxies, open relays, botnets, irc abuse, name server abuse, and other botnet behaviors.
5) How much does REACT cost?
Pricing is based on the size of your network. We provide a huge discount to universities, colleges, K-12 schools, and 501(c)3 non-profit organizations. Contact us at firstname.lastname@example.org to get all your pricing and technical questions answered.
6) What exactly does REACT do again?
REACT captures evidence of over 1.2 million unique IP addresses engaged in malicious activity every day. We gather the data and report it to you based on your CIDR blocks or AS numbers. The monitoring service can alert you in real time when one of you IP addresses is observed engaging in any one of the tracked malicious behaviors, or provided consolidated reports for larger networks.
7) Why do I care if my computers are spamming?
Because they're ruining the internet, costing businesses tens of millions of dollars a year, and funneling cash to criminal organizations. The majority of spam is sent via compromised hosts these days, which are also key logging and packet sniffing their way into identity theft. Hacked machines are usually set to scan neighboring machines for exploits and try to gain access with stolen logins. Any data on a compromised system must be assumed lost to hackers, including personal email and banking passwords. As soon as a system is compromised it must be discovered as fast as possible to minimize its threat to your customer's and employees privacy and security. If you don't care about that and you run a network you should really rethink your career.
8) How do I sign up for REACT?
Signing up for REACT is simple. You can sign up now and start your monitoring immediately. With just your IP address range or AS number you're in business. When you sign up we'll send you any data we have on your network for the past thirty days as well so you'll know about any abusive systems already operating on your network.
9) What's the catch?
There is none. REACT will monitor your network 24 hours a day and notify you the instant something goes wrong. If not completely satisfied you can cancel at any time with no cancellation fees and no questions asked. There are no long contracts or anual service commitments to worry about. Learn More
10) What's the DOA Report?
The DOA report, which stands for Digest of Abuse, is a weekly report we put together outlining observed abusive IP addresses broken out by Autonomous System and Geography. We post the report monthly to network operators forums such as NANOG, and can be received on a weekly basis from the DOA mailing list. Learn More about the DOA Report
11) What's the DOB List?
The DOB list, which stands for Date of Birth, or possibly Day Old Bread for the troublemakers amongst you, is a DNSRBL containing domains 5 days old or younger and can be used for spam, web, IM and other filtering purposes. The list is available on a query basis to all parties. Learn More about the DOB List