On Tue, 14 Jan 2003, Avi Freedman wrote:
: Is there anything happening with collaborative security : policy and remediation in the industry? Has any effort : showed progress towards an effective ISAC or similar? Can : networks realistically collaborate on security, or do the : political and operational barriers not justify the effort?
I guess the real question is: What is going to happen over the next few years to get the infrastructure of the Internet to be more robust? I don't see market forces doing it. I don't suggest that the government use regulation, either.
All of the initiatives (only a couple) I've found related to Internet operator security collaboration all appear to be pre 2000. At the May 2001 NANOG, which specifically focused on networking security, there was no presentation or (significant) discussion about inter-operator security collaboration. I was hoping to find that due to increased focus on infrastructure security post 9-11, there would actually have been increased activity in this area. Though there's certainly increased interest (probably more on the part of customers and government) I have not been able to find any evidence of increased activity. If anything, it /appears/ that generally inter-operator cooperation is actually decreasing. This may be a result of the competitive and financial changes in the market. This is alarming, considering the increase in attacks against infrastructure, and the sophistication of attacks over the last year. And we still use basically the same ineffective techniques to counteract and track attacks that became household words two years ago. I suspect a very effective worm would change this pretty quickly, most likely through onerous regulation. It's surprising that it hasn't happened already. Pete.