Stupid Question: Network Abuse RFC?
Sean Donelan
sean at donelan.com
Mon Jan 14 07:15:24 UTC 2008
On Mon, 14 Jan 2008, Paul Ferguson wrote:
> Instead of being an apologist for the problem, how would _you_
> suggest we address these process, procedural, and organizational
> issues?
If you look in the archives, in the past I've listed the things
that seem to be needed for those organizations to succeed.
Over the years, I've worked with people to launch new groups, such as
ISP-ISAC, INOC-DBA, NSP-SEC, GIAIS and a few more. Some more sucessful
than others. Some won't admit me as a member anymore :-)
What are you trying to do?
Look at old security incident groups like CERT/CC, FIRST, NRIC and NSIE
that have been around since the late 1980's/early 1990's.
Look at the middle-age groups like BORG, CIX, IOPS, ISPSEC, LINX, NANOG
and RIPE. And a bunch of temporary Y2K groups.
Look at the new groups like APWG, DA/MWP/etc, DDOS-WG, GIAIS/MVI/VIA/SCP/MSSA,
MAAWG, NSP-SEC, SECSAC/RSSAC, lots of *-ISACs.
I left out the academic or government only groups, there are soo many.
If you want to share information, there are lots of ways to do it.
Information does tend to move between the groups, unless you explicitly
say don't share the information. The government folks are convinced
that industry leaks, while the industry folks are convinced that
government leaks.
If you want to get people in a room so you can yell at them about the
lousy job they are doing, that's less useful.
Of course, in a few weeks, someone else will probably be yelling about
ISPs interfering with their right to do something or other.
More information about the NANOG
mailing list