I setup a 'real time' report by AS to assist networks
in finding infected systems. The URL:
http://www.dshield.org/asreport.php
This report is intended for automated parsing, so it comes as a simple
tab delimited table with brief 'usage' header. You can filter by target
port, protocol and AS. The AS number is required.
The AS lookup is somewhat experimental. So feedback is appreciated.