Re: Hi, we're from the government and we're here to help
On Thu, 09 March 2000, Randy Bush wrote:
The key is the ability to reach the right person. In a small provider its easy because the boss answers the phone, or someone who knows the boss answers the phone. In a large provider, you might know a "famous" person. And even though they won't be the right person, they'll know the right person. If AT&T does something stupid, Randy might call Steve Bellovin (the wrong person) who in turn could hit the right manager over the head with the clue-by-four. Replace with the appropriate provider/person UUNET/Mike O'Dell, Verio/Randy Bush, etc. The problem is with providers without famous people and too many people, so they don't know each other. If you don't already know someone at, for example, NTT or BT or Qwest, navigating through their public contacts usually doesn't get you too far. What may be interesting is looking at how other industries handle the problem. In the banking industry, where failure to contact another bank can result in millions of losses, Thompson Publishing has an extensive directory of the security contacts for essentially every bank in the world. Thompson actively verifies the contact information, and banks pay a bunch of money for current copies of the directories. In the chemical industry, where failure to respond to a leak can result in millions in liability, the chemical manufactures' association maintains a 24-hour number which will contact the appropriate company's response group. Again, the contact information is actively verified.
At 06:18 PM 03/09/2000 -0800, Sean Donelan wrote:
Interestingly enough, there are a couple of very useful documents which have come out of the IETF GRIP (Guidelines and Recommendations for Security Incident Processing) Working Group: RFC2350 (BCP21): "Expectations for Computer Security Incident Response", N. Brownlee, E. Guttman, June 1998. http://www.ietf.org/rfc/rfc2350.txt "Security Expectations for Internet Service Providers", draft-ietf-grip-isp-expectations-03.txt, T. Killalea, February 2000. http://www.ietf.org/internet-drafts/draft-ietf-grip-isp-expectations-03.txt "Security Checklist for Internet Service Provider (ISP) Consumers", draft-ietf-grip-user-02.txt, T. Hansen, June 1999. http://www.ietf.org/internet-drafts/draft-ietf-grip-user-02.txt "Site Security Handbook Addendum for ISP's", draft-ietf-grip-ssh-add-00.txt, T. Debeaupuis, August 1999. http://www.ietf.org/internet-drafts/draft-ietf-grip-ssh-add-00.txt In fact, draft-ietf-grip-isp-expectations-03 just went to Last Call in the IETF prior to being advanced as a BCP. - paul
In message <20000310021807.4898.cpmta@c004.sfo.cp.net>, Sean Donelan writes:
Sounds like Sean and Ren should go get some funding for this, heck I'd pay for it. (It would still probably be cheaper than something like IPOPS or CERT, which is not to completely dismiss those two organizations.) --- jerry@fc.net Director Network Operations/Network Engineering, Wayport, Inc. 512-481-1542x522 www.wayport.net 1609 Shoal Creek Blvd Suite 301
Thanks for the thought Jeremy, but no thanks. Sean & I are greedy commercial folks who like to track peering&exchange point stuff for work but make enough to afford frequent adventure vacations.... not so bad really <g> -Ren, who will be working with Chris Icide on location selection for the Internet Regatta again this year... send suggestions for the week long, late November trek to: chris@onyx.net and/or ren@onyx.net At 10:49 PM 3/9/00 -0600, Jeremy Porter wrote:
-Ren Lauren F. Nowlin, ren@onyx.net / peering@onyx.net Director, Peering & Interconnects - http://www.onyx.net/peering/ Onyx Networks, Inc., a wholly owned subsidiary of Pacific Gateway Exchange Voice: 650-558-3262, Fax: 650-558-3160, Cellphone: 650-281-6963
participants (6)
-
Jeremy Porter
-
Lauren F. Nowlin
-
Paul Ferguson
-
Randy Bush
-
Sam Thomas
-
Sean Donelan