Disclosed is a system and method for the sharing of intrusion-related information. The sharing of intrusion-related information occurs via a peering relationship between a first Internet Service Provider (ISP) and a second ISP. A first node associated with a first ISP transmits intrusion-related information to a second node associated with a second ISP. The first node identifies intrusion-related information meeting a first criteria. The first node then transmits the intrusion-related information to the second node. The intrusion-related information includes one or more of a list of attackers that previously probed the first node, the protocol used, the time of the probes, and the individual alarms raised.