[54755] in North American Network Operators' Group
Re: Scaling up Internet Security (was: Scaled Back Cybersecuruty)
daemon@ATHENA.MIT.EDU (bmanning@vacation.karoshi.com)
Wed Jan 15 07:02:05 2003
From: bmanning@vacation.karoshi.com
To: Michael.Dillon@radianz.com
Date: Wed, 15 Jan 2003 04:02:31 -0800 (PST)
Cc: nanog@merit.edu
In-Reply-To: <OF32A0003D.8077B956-ON80256CAF.00392C35-80256CAF.003B6B76@radianz.com> from "Michael.Dillon@radianz.com" at Jan 15, 2003 10:49:01 AM
Errors-To: owner-nanog-outgoing@merit.edu
> > > i've had absolutely no luck getting the source isp's to care about
> > > the problems i've seen at my home firewall in recent weeks.
>
> > we try hard to send out
> > correlated and filtered reports in a standardized format to valid
> > 'contact' addresses. There are some success stories, but more misses
> > than hits overall.
>
> All of this requires an ISAC dedicated to the purpose of analyzing and
> stamping out network abuse.
>
> --Michael Dillon
>
what might be tough is to come up with a universal definition
of "network abuse". even harder will be a change in the fundamental
nature of IP, while maintaining backward compatability with the
existing technology (source vs destination orientation).
then there is the problem of "walled gardens"/NATs that allow/encourage
anonymous behaviour (bad contacts) and the lack of consistant
standards for maintaining accurate contact data (goofy "privacy"
laws)...
the only saving grace is that business relationship you have with
your immediate peers/transit providers. they can help you from
seeing stuff you don't want to see. The trick question is, can
the accomodate your desires along with the rest of their 10,000,000
customers? Esp. with the technologies available to them?
--bill
