I beg to differ, wither I aggregate my announcements does not impact the $50B charge identity theft puts on the US economy.
Perhaps a better start on impacting this would be for the credit card companies to pursue the people that abuse their cards/systems instead of just writing fraudulent purchases off as a loss and not pursuing them any further. I been through it myself and I know for a fact that at least one major cc company operates in this way. In this model there's nothing to discourage someone from using stolen numbers. Just my $.02 ~M -----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Rick Wesson Sent: Tuesday, October 31, 2006 8:02 PM To: Barry Greene (bgreene) Cc: nanog@merit.edu Subject: Re: advise on network security report Barry Greene (bgreene) wrote:
Postings like this to NANOG will not have any impact. So if your goal is instigate action, posting is not going to work. The core data point is the weekly CIDR report. It only works if you have peers using the weekly list to apply peer pressure to the networks listed to act.
I beg to differ, wither I aggregate my announcements does not impact the $50B charge identity theft puts on the US economy. would it assist if I associated a dollar value for each bot hosted, we can estimate the number of credit cards stolen per bot and extrapolate in to something with some zeros on it.
Sharing summaries to communities like dshield, NSP-SEC, DA, SANs and other security mitigation communities along with a subscription web page that would allow an organization to get enough details to take action.
nsp-sec players still won't let us in their sand-box... but we will share to the communities you have enumerated. -rick