Homeland Security Alert System
Johannes Ullrich
jullrich at euclidian.com
Sun Feb 23 01:51:00 UTC 2003
> ISPs and other communication providers should be prepared to share
> information directly and quickly with each other. If you wait to hear
> from government officials to decide what sanitized information to share,
> it will be hours later. If ever.
If anybody is interested here, I did put together a small group to
experiment with a simple system to exchange and distribute PGP
signed messages quickly.
The basic 'working' of the system is contained within a yet to
be written perl script that will poll a couple of 'master'
servers for updated messages, validate the signatures and post
the messages to a particular URL. Any server pulling these messages
can become a master for other servers, which makes this kind of
a 'P2P network' among web servers. Gateway to usernet/email/pagers/
instant messengers would be possible. New pgp keys would be distributed
as signed control messages within the system. Each PGP key has a
certain number of 'points' assigned, and a message becomes 'valid'
as soon as it has enough signatures to make it past a threshold.
Anyway. Depending on how the water in my basement develops, I may
actually get a first alpha of this out later this weekend. (if not
next weekend). At that point, some testers / coders would be welcome
to work on things like gateways and such.
The overall goal: Make this system fast enough to reach 'everyone'
within an hour. Of course, the system will not work once the
internet is down, but its P2P like structure should provide for
some anti-DDOS robustness.
--
--------------------------------------------------------------------
jullrich at euclidian.com Collaborative Intrusion Detection
join http://www.dshield.org
More information about the NANOG
mailing list