Stupid Question: Network Abuse RFC?
Paul Ferguson
fergdawg at netzero.net
Mon Jan 14 02:17:59 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- -- Sean Donelan <sean at donelan.com> wrote:
>MAAWG is useful for particular subjects, not as useful for other subjects.
>I expect the same will be true for any forum.
>
What is the appropriate mechanism within NANOG?
I mean, given previous topics covered in the NANOG security BoFs,
it would appear that a lot of attention has been given to statistical
analysis of DDoS flows traffic, securing infrastructure, etc. -- all
of which are honorable & desired goals.
But what about involvement of incident reporting (and responding?),
that is inclusive of the Internet community at-large?
NSP-Sec is clearly a "closed" community which excludes many of the
organizations who could actually help contribute intelligence, work
with law enforcement, and make a positive difference.
My opinion is that the ISP community, by and large, tend to say that
they are dealing with the situation, and are willing to address
these issue, yet in reality they tend to minimize the issues and
sweep it under the rug because it is not in their financial interests
to enagage them, or it doesn't jive with their "existing processes".
So I ask you, how do we address this situation?
Instead of being an apologist for the problem, how would _you_
suggest we address these process, procedural, and organizational
issues?
I consider this to be way beyond the boiling point, and an issue
that we all need to address -- and engage.
Thanks,
- - ferg
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)
wj8DBQFHisZWq1pz9mNUZTMRAgahAJ9TxYI3q9FS+KlQvCLytVNqlEaHKQCg5Xev
MzJItZoHM8rbUs3UbBewA2w=
=SyBg
-----END PGP SIGNATURE-----
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg(at)netzero.net
ferg's tech blog: http://fergdawg.blogspot.com/
More information about the NANOG
mailing list