On Tue, 14 Jan 2003, Pete Kruckenberg wrote:
All of the initiatives (only a couple) I've found related to
Internet operator security collaboration all appear to be
pre 2000. At the May 2001 NANOG, which specifically focused
on networking security, there was no presentation or
(significant)
In article [EMAIL PROTECTED] Pete Kruckenberg wrote:
: One of the criticisms of the change relative to this group
: is that the previous stronger wording for the network
: operator industry was watered down. Instead of
: expecting/demanding/mandating that the industry collaborate
: on network
In article [EMAIL PROTECTED] Vijay the Budget Master wrote:
: Avi Freedman [EMAIL PROTECTED] writes:
: Perhaps the Feds (and maybe states) could use their purchasing power
: to effect change. Short of that, or regulation, the I don't see how
: the serious issues we have with the 'net will get
Avi Freedman [EMAIL PROTECTED] writes:
Many networks of sizable import have no capex budget, though - or
sometimes very little if no engineering resources. They all pay
attention to sales - and especially to RFIs and RFQs from the Feds,
though.
I suspect this will be a self correcting
On 14 Jan 2003, Paul Vixie wrote:
This is alarming, considering the increase in attacks
against infrastructure, and the sophistication of attacks
over the last year. And we still use basically the same
ineffective techniques to counteract and track attacks that
became household
On Tue, 14 Jan 2003, Christopher L. Morrow wrote:
To start fixing this problem every ISP really needs some security folks
dedicated to customer security issues... These folks need to have the
ability to contact customers and shut off services until the problem has
been rectified.
I'd be
i've had absolutely no luck getting the source isp's to care about
the problems i've seen at my home firewall in recent weeks. (see
below if you wonder whether i'm implicating anyone here.) there's
no other way to view the internet than as a worm-infested zombie.
hehe... I know the
On 14 Jan 2003, Vijay Gill wrote:
Avi Freedman [EMAIL PROTECTED] writes:
Perhaps the Feds (and maybe states) could use their purchasing power
to effect change. Short of that, or regulation, the I don't see how
the serious issues we have with the 'net will get resolved.
People do. I've
denominator. Purchasing
requirements, subsidies, taxes, regulation??? Maybe a bunch of economic
voodoo, but might be a different way of looking at the issue.
- Original Message -
From: Pete Kruckenberg [EMAIL PROTECTED]
Date: Tuesday, January 14, 2003 8:16 pm
Subject: Re: Scaled Back
On Tue, 14 Jan 2003, Andy Dills wrote:
On Tue, 14 Jan 2003, Christopher L. Morrow wrote:
To start fixing this problem every ISP really needs some security folks
dedicated to customer security issues... These folks need to have the
ability to contact customers and shut off services
In article [EMAIL PROTECTED] Pete wrote:
: I'm trying to envision an RFP that awards business to one or
: a few network operators, but requires that they interoperate
: effectively with other operators who don't win any of the
: business. I've only got a state-level purchasing
: perspective, but
In article [EMAIL PROTECTED] you wrote:
: Seems to be a case of prisoners dilema. The security of any one network
: is to some extent at the mercy of all other connected networks. The
: overall security of the network is only as strong as it's weakest link.
: In a highly competitive market
In article [EMAIL PROTECTED] Pete wrote:
: I'm trying to envision an RFP that awards business to one or
: a few network operators, but requires that they interoperate
: effectively with other operators who don't win any of the
: business. I've only got a state-level purchasing
:
Avi Freedman [EMAIL PROTECTED] writes:
- Routers must be configured by end of 2003 so that all packets
to the control plane must be logically separated from user
packets (or demonstrate the ability to take 200mb of attack
traffic to the router CPU without having an effect)
This at
willing to provide enough incentive to change the
market place? If RFP's alone can't do it what else could be tried?
- Original Message -
From: Avi Freedman [EMAIL PROTECTED]
Date: Tuesday, January 14, 2003 9:06 pm
Subject: Re: Scaled Back Cybersecuruty
In article [EMAIL PROTECTED] you
On Tue, 14 Jan 2003 [EMAIL PROTECTED] wrote:
:That is the rub. Kind of like targeting treatment for AIDS to those
:with the most sexual partners - it helps solves the problem but is it
:worth rewarding irresponsible behaviour.
I don't think its fair or sensible to evaluate the outcome of a
In article [EMAIL PROTECTED] John wrote:
: The problem is that the government does not have large purchasing power
: compared to the commercial side of the house. The government doesn't buy in
: bulk, doesn't buy often and usually selects the lowest cost. Vendors design
: equipment/services
In article [EMAIL PROTECTED] John wrote:
SNIP
: acknowledge them (this goes for government and industry). And
sadly there
: are some vendors who are so big or have such a large share of
their market
: space, that they just do what they want regardless.
: John S. Maddaus
I really
In article [EMAIL PROTECTED] Mr. Maddaus wrote:
: This may be true on the services side of the business but the hw/sw
: manufacturing side that provisions the service side has seen fit in years
: past to ignore small issues. It is just too costly to develop and support
: with limited RD
On Tue, 7 Jan 2003 [EMAIL PROTECTED] wrote:
This may be of interst:
AP: Bush Expected to Sign Scaled Back Internet Security Plan
One of the criticisms of the change relative to this group
is that the previous stronger wording for the network
operator industry was watered down. Instead of
[EMAIL PROTECTED] (Pete Kruckenberg) writes:
Is there anything happening with collaborative security policy and
remediation in the industry? Has any effort showed progress towards an
effective ISAC or similar? Can networks realistically collaborate on
security, or do the political and
This may be of interst:
AP: Bush Expected to Sign Scaled Back Internet Security Plan
Washington, DC -- A new Bush administration plan aimed at improving the
security of key U.S. computer networks will not be as ambitious as
previously indicated, the Associated Press reported on Tuesday. The
22 matches
Mail list logo