Security Incidents mailing list archives
Re: What use is the NIPC? / RFF Comments
From: Richard Forno <rforno () infowarrior org>
Date: Sun, 05 Aug 2001 23:40:58 +0000
Pardon the comments and mini-rant. In partial defense, as a security director for a net company, I worked with NIPC since their inception in 1998 - while they had some really good techhie folks there, many have sinced moved on to Cisco and other IT industry vendors. There's not much meat left there, and it's been woefully understaffed since its beginnings - even the April GAO report on NIPC said so. NIPC is a noble idea on paper, but was designed as one of several White House pet projects designed as knee-jerk reactions to the sensationalized nature of information security and the new term of critical infrastructure protection. Look what web vandals were able to get the USG to build and fund - an entirely new organization!!! (How's that for a kiddie's ego trip?) Recall that NIPC is the same entity that ran a one-line virus advisory for I-LOVE-YA that simply read "A new virus has been detected in thie Philippenes" ..... they updated it 4 hours later to say that it was a VBS event and that more info would be provided as it became available. I got better info on the radio driving into work then from NIPC....From what I've seen, their advisories and alerts are redundant to any number of free listservs, vendor, and the time-delayed CERT advisories. Chances are when NIPC reports something, it's been common knowledge for a while. No great secret there. You want cracker-jack computer crime investigations, check out USAF OSI and NASA ... they wrote the book on computer crime investigations and analysis. You want cracker-jack security information on exploits and vulnerabilities, check out BUGTRAQ, INCIDENTS, and such....it's free, useful, and interactive. (yeah, yeah, I plugged the list....) We now return to your regularly-scheduled Code Red analysis. Rick Forno infowarrior.org / incidentresponse.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- What use is the NIPC? aleph1 (Aug 05)
- Re: What use is the NIPC? bonk (Aug 05)
- Re: What use is the NIPC? / RFF Comments Richard Forno (Aug 05)
- Re: What use is the NIPC? Jay D. Dyson (Aug 06)
- <Possible follow-ups>
- RE: What use is the NIPC? Tim Hollebeek (Aug 06)
- Re: What use is the NIPC? bonk (Aug 05)