ISPs and other communication providers should be prepared to share information directly and quickly with each other. If you wait to hear from government officials to decide what sanitized information to share, it will be hours later. If ever.
If anybody is interested here, I did put together a small group to experiment with a simple system to exchange and distribute PGP signed messages quickly. The basic 'working' of the system is contained within a yet to be written perl script that will poll a couple of 'master' servers for updated messages, validate the signatures and post the messages to a particular URL. Any server pulling these messages can become a master for other servers, which makes this kind of a 'P2P network' among web servers. Gateway to usernet/email/pagers/ instant messengers would be possible. New pgp keys would be distributed as signed control messages within the system. Each PGP key has a certain number of 'points' assigned, and a message becomes 'valid' as soon as it has enough signatures to make it past a threshold. Anyway. Depending on how the water in my basement develops, I may actually get a first alpha of this out later this weekend. (if not next weekend). At that point, some testers / coders would be welcome to work on things like gateways and such. The overall goal: Make this system fast enough to reach 'everyone' within an hour. Of course, the system will not work once the internet is down, but its P2P like structure should provide for some anti-DDOS robustness. -- -------------------------------------------------------------------- jullrich@euclidian.com Collaborative Intrusion Detection join http://www.dshield.org