Federated attacker/trust information
I am pondering the use of ActivityPub for distributing information about bad actors on the internet. Something like a fail2ban action which would publish on securitybot@social.examplle.com a structured message carrying the meaning "192.168.12.7 has just blocked 10.1.99.5 for SSH bad password attempts". It could follow, for example securitybot@social.example.net etc, and so on and decide to add possible attackers to its own blocklists.
- replies
- 0
- announces
- 0
- likes
- 0