Re: iso 17799

[Dana Nowell <DanaNowell () cornerstonesoftware com>]

At 07:04 PM 7/21/2004 -0400, Frederick M Avolio wrote:
> Years ago Win Treese (Project Athena, DEC Cambridge Research Lab, Open 
> Market, etc.) came to the following conclusion: "not only is all human 
> knowledge on USENET, it's typed in every two weeks.
>
> The information you ask for is out there. And it has been repeated multiple 
> times. Having it in one repository only means it is one more place people 
> will ignore. Seriously. Nothing Marcus said earlier in this thread was 
> anything he and others hadn't said 10 years ago. No joke.

I agree lots of the information exists that's the easy part :-).
Unfortunately crud exists at a ratio of 10,000,000+ to one gem.  If you
guys think I'm worried about creating the info, you're wrong, I know a lot
of it exists.  However, the organization stinks.  I search on Google and it
takes up to an hour or so to find a good in-depth article on some topic
(2,000,000 hits, mostly marketing drivel).  Now Paul needs it, so he spends
an hour, then Marcus, then ...  How about I find it (cost .5 hours, 'cause
I'm good;), I post a link somewhere, Paul finds it (cost .1 hour), then
Marcus (cost .1 hour) and ...  Total number of hours saved per year could
be anywhere from zero to a really big number.  More available hours is a
good thing.  Of course this only works if the poster can be trusted and if
the deluge of info/links can be categorized/searched/sliced/diced.  Now
let's toss in any papers written by us for the list (e.g., how does
application X's protocol work), post them to a web site and link'em (more
grist for the mill).  What we have is a pre-vetted 'search result set'.
The hard part is the vetting and the organization (search engine?).  Toss
in some automation to weed dead links periodically and magic, a helpful
repository (assuming people actually post to it and the vetting mechanism
works).

Why is it helpful.  People don't post some stuff to the list (risk analysis
papers, long documents, sample configs, ...) because it is bad form to
force feed it to several thousand uninterested people, we now lose that
data/help.  We now have a non-intrusive method to make that available.
Some people are bad at using search engines and a small 'more on topic'
search engine improves their ability to find stuff.  Some people have no
clue about the topic they are researching, it is new to them.  They now
have a source 'vetted by peers' to start from.  I'm sure several other
reasons will occur to others.  

It seems to me that the technology exists, lots of the information exists,
the people with knowledge to separate the wheat from the chaff exist (on
this list).  What lacks is hosting, disk space, some possibly hard code, a
politically correct and workable solution to the vetting issue, and the
will to do it.

> But, Dana, I have a suggestion. You can gather the answers together and 
> publish them. I am not kidding. Books written by someone who has to 
> actually deal with what they write about are terrific. (Don't take that to 
> mean big sellers... I have personal experience in that area.) And finding 
> someone to publish nowadays is really easy.

IMO, the information is too dynamic.  Any book would be obsolete before it
hits the store.  We need a dynamic resource that ebbs and flows with the
changes on the net.  A new spiffy killer app/hardware doo-dad/protocol hits
the street and we get links to several analysis/review papers, over time
(weeks/months/years) the item gets less useful/popular/important, the links
decay, and they get weeded from the knowledge base.  Books can't really
cover that very well.  

Besides, my spelling stinks ;).


-- 
Dana Nowell     Cornerstone Software Inc.
Voice: 603-595-7480 Fax: 603-882-7313
email: DanaNowell_at_CornerstoneSoftware.com
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards