clued/interested LEO list
Hank Nussbacher
hank at mail.iucc.ac.il
Mon Apr 11 05:31:49 UTC 2005
At 02:12 PM 10-04-05 -0700, william(at)elan.net wrote:
>What is different about this then your current botnet tracking lists?
>
>If its anti-spam & anti-phishing, there are several closed mail lists
>discussing preventetive measures and tracking down those responsible
>for abuse.
Yes, us geeks have many lists to go to to find others who have common
interests and goals. What I have found out is that there is close to zero
interaction between the various LEOs when it comes to bots, phishing, spam,
pron, threats, fraud and anything else you can find in the online
world. We take for granted that within a few hours you can contact some
netadmin in California, Mexico, Germany, Israel, Japan, Greece, Australia
or any other country that is connected to what the press terms the
"Information Superhighway".
If the threat is a $100M international bank fraud then the LEOs all play
nice and have tools to communicate with each other. But we here all know
that all threats are not Defcon I and many are Defcon IV or III. The LEOs
don't get involved in online/cyber incidents of the lower levels. And
trying to get them to play with each other can take weeks of nudging and
often leads to nothing.
I therefore think a list where motivated and clued-in LEOs from many
countries can chat among themselves is something sorely lacking. For
evidence and subpoenas, they will always have their own internal methods.
-Hank
More information about the NANOG
mailing list