nanog mailing list archives
Re: Inter-ISP/Telco/X.25 security procedures?
From: "Christopher L. Morrow" <chris () UU NET>
Date: Mon, 16 Sep 2002 15:55:30 +0000 (GMT)
On Mon, 16 Sep 2002, Mark Kent wrote:
Please see Clifford Stoll's book The Cuckoo's Egg for a description of tracking an intruder across various PSTN, PSDN and Internet providers. I haven't seen a better description of the process.And there were, what?, three US ISPs back then? And when Stanford was getting hacked, where was BBN... Answer: right on the Stanford campus, in Stanford buildings! We don't have the same Internet architecture as we had during The Cuckoo's Egg era.
Funny thing is there seem to be about the same number if internet security folks working at the isp's now as at the time of the book's writing :) Most times our procedures fail back to: 1) do a whois on the domain name if the ISP in question 2) call the noc number listed 3) try to work your way around to a security-type person 4) end up emailing logs of the incident to noc@ 5) wait and hope they respond quickly with something helpful :) Depending on the carrier things can be good, or very bad.
Current thread:
- Inter-ISP security procedures? Rajesh Talpade (Sep 16)
- Re: Inter-ISP/Telco/X.25 security procedures? Sean Donelan (Sep 16)
- Re: Inter-ISP/Telco/X.25 security procedures? Valdis . Kletnieks (Sep 16)
- Re: Inter-ISP/Telco/X.25 security procedures? Mark Kent (Sep 16)
- Re: Inter-ISP/Telco/X.25 security procedures? Rajesh Talpade (Sep 16)
- Re: Inter-ISP/Telco/X.25 security procedures? Christopher L. Morrow (Sep 16)
- Re: Inter-ISP/Telco/X.25 security procedures? Sean Donelan (Sep 16)
- Re: Inter-ISP/Telco/X.25 security procedures? Mark Kent (Sep 16)
- Re: Inter-ISP/Telco/X.25 security procedures? Valdis . Kletnieks (Sep 16)
- Re: Inter-ISP/Telco/X.25 security procedures? Craig Partridge (Sep 16)
- Re: Inter-ISP/Telco/X.25 security procedures? Mark Kent (Sep 16)
- Re: Inter-ISP/Telco/X.25 security procedures? Craig Partridge (Sep 16)
- Re: Inter-ISP/Telco/X.25 security procedures? Kevin Oberman (Sep 16)
- Re: Inter-ISP/Telco/X.25 security procedures? Mark Kent (Sep 16)
- Re: Inter-ISP/Telco/X.25 security procedures? Craig Partridge (Sep 16)
- Re: Inter-ISP/Telco/X.25 security procedures? Sean Donelan (Sep 16)