[107384] in North American Network Operators' Group
Re: GLBX De-Peers Intercage [Was: RE: Washington Post:
daemon@ATHENA.MIT.EDU (Suresh Ramasubramanian)
Tue Sep 2 23:44:27 2008
Date: Wed, 3 Sep 2008 09:14:20 +0530
From: "Suresh Ramasubramanian" <ops.lists@gmail.com>
To: "Eric Brunner-Williams" <brunner@nic-naa.net>
In-Reply-To: <48BDF673.6050301@nic-naa.net>
Cc: "Laurence F. Sheldon, Jr." <LarrySheldon@cox.net>, NANOG <nanog@merit.edu>
Errors-To: nanog-bounces@nanog.org
Eric, as you say, it is a multi part test. With fairly clear
distinctions between a compromised node and one under the direct
control of a criminal
So while it is unrealistic when viewed in isolation, put together with
other factors it starts to make a lot of sense.
thanks
srs
On Wed, Sep 3, 2008 at 7:59 AM, Eric Brunner-Williams
<brunner@nic-naa.net> wrote:
> In a parallel universe we're considering profiles for "licit use" of some
> mechanism. One element of a multi-part test to distinguish "licit" from
> "illicit" was the presence or absence of known signatures for malware. After
> some thought it was understood that this test was equivalent to the node
> subject to the test being "cleaner" than the average for network attached
> consumer devices, and therefore not realistic.
