Hi,
On Mi, 2006-01-25 at 03:20 -0500, Martin Hannigan wrote:
Hi.
In the next day or so some of us will cooperate to bring to the attention of all effected AS's information about infected users in their net-space.
That would be "affected".
This will be coordinated with several groups and organizations. Please expect these emails, thanks.
In other words, NANOG is a step child of these and we'll only see the PR? If you're going to keep the mitigations off of NANOG, it's probably safe to keep it all off. We all read newspapers, blogs, and slashdot.
sorry, but i couldn't understand your problem. I think it's just a usefull information, wich AS is infected by a critical worm. Also i relay this information to people, who think this informations are usefull, too.
Ok, perhaps there are people to advertise themselves, but why not? When they invest time in this work, why aren't they allowed to get some kind of approval?
Nah, we already know who those people are. It's more like if you keep predicting a blizzard and I wake up and there was a misting of rain, I keep getting less and less interested in the predictions. It costs real money to get these dances going and unless you're going to give us all the information, please don't bother. The snort SIDS were nice, but as far as I am concerned, IL-CERT is not a trusted source. The third story about this horrrible worm: http://www.commentwire.com/article_news.asp?guid=20856A5C-3952-4F2C-913A-1E9... If I don't see SANS running around with their capes off, I don't really pay too much attention. The last one wasn't a big hit like they thought, but they do good work. I "trust" them more than I trust IL-CERT telling North Americans to drop our hotdogs, turn off our football, and get ready for "worms". I'd hope to see US-CERT continue making progress and telling North Americans when to worry. The work everyone is doing is fantastic, but it's pretty clear trust is being ignored and while we're ont he subject proper delivery of files with checksums etc. It ain't happening anymore. -M<