On Sat, Apr 12, 2008 at 9:02 AM, Randy Bush <randy@psg.com> wrote:
Packet pushers go to *NOG. And the abuse desks mostly all go to MAAWG. And any CERTs / security types the ISP has go to FIRST and related events. And most of them never do coordinate internally, run by different groups probably in different cities ...
"dear coo/ceo/whomever: i want approval to send the five folk who go to nanog, and the five folk who go to maawg, and the five folk who go to first to *all* go to the new frobnitz joint conference."
Collocation would be a useful idea - save airfare, hotel etc. I had this lovely little experience where the lead CERT guy at ISP X was talking about a particular trojan that was hitting his ISP, and was hitting [ISP Y] and hitting [ISP Z]. He says "I saw these trojans hitting ISPs Y and Z but didnt know anybody there". If he'd just bothered to step across the hall and talk to his colleagues at ISP X's abuse desk.. they are, and have been for years, in regular contact with their counterparts at Y and Z - email, face to face, phone, IM etc.
otoh, being on the frobnitz program committee would be an interesting lesson and exercise in industry physics.
You think there's not enough convergence + shared interests in such programs? I mean, abuse + security teams could care less about MPLS and peering, but there is a lot they're discussing (walled gardens, botnet mitigation etc) that does get discussed in far better detail at nanog. Or at FIRST. srs