Scaled Back Cybersecuruty

Pete Kruckenberg pete at kruckenberg.com
Tue Jan 14 18:50:13 UTC 2003


On Tue, 14 Jan 2003, Avi Freedman wrote:
> : Is there anything happening with collaborative security
> : policy and remediation in the industry? Has any effort 
> : showed progress towards an effective ISAC or similar? Can 
> : networks realistically collaborate on security, or do the 
> : political and operational barriers not justify the effort?
>
> I guess the real question is:  What is going to happen over the
> next few years to get the infrastructure of the Internet to be more
> robust?  I don't see market forces doing it.  I don't suggest that
> the government use regulation, either.

All of the initiatives (only a couple) I've found related to
Internet operator security collaboration all appear to be
pre 2000. At the May 2001 NANOG, which specifically focused
on networking security, there was no presentation or
(significant) discussion about inter-operator security
collaboration.

I was hoping to find that due to increased focus on
infrastructure security post 9-11, there would actually have
been increased activity in this area. Though there's
certainly increased interest (probably more on the part of
customers and government) I have not been able to find any
evidence of increased activity. If anything, it /appears/
that generally inter-operator cooperation is actually
decreasing. This may be a result of the competitive and
financial changes in the market.

This is alarming, considering the increase in attacks
against infrastructure, and the sophistication of attacks
over the last year. And we still use basically the same
ineffective techniques to counteract and track attacks that
became household words two years ago.

I suspect a very effective worm would change this pretty
quickly, most likely through onerous regulation. It's
surprising that it hasn't happened already.

Pete.




More information about the NANOG mailing list