From: "Sean Donelan"
Who has the biggest wall of big screen monitors?
To my knowledge, Norad still does. <quoted from article> The "Global Early Warning Information System," (GEWIS, pronounced "gee-whiz") [...] Mark Rasch, former head of the Justice Department's Computer Crime division, questioned the need for GEWIS. With most Internet attacks, he said, by the time you notice a huge spike in traffic, it's already too late to head off disruptions. </quote> "GEWIS, man. Look at all 'dem red marks. I thought they said a couple hours. It was all pretty and green a minute ago. Who'd do such a thing? They're ruining my pretty screen." I question any government plan when some providers have made it perfectly clear that they are either a) not willing to help track DDOS origination points or b) they are incompetent to do so. Perhaps I should ammend that, if you are not a world known corporation, the above might be true. Now the government will interlink communications between large providers to assist in this. My question is why large providers couldn't interlink themselves and establish guidelines for notification and resolution of network issues. They manage it for peering, why not for overall performance and security issues? Is it better to have a close relationship with the government than it is your competitor? I'm still waiting for someone to contact me reguarding the results of the DDOS assistance I asked for over four months ago for an attack that was actively monitored for well over 24 hours. Honestly, I don't think it was worth their time. Once blocked in their oc192 core, their network stabilized and it wasn't worth looking further into. I expect the bots are probably still in operation today causing havoc because not one of them was tracked and shut down. -Jack