Re: Re: China Experience ?

[Alif The Terrible <measl () mfn org>]

On 24 Jul 2002, Russell Fulton wrote:

> >     While I agree that there are various CERT POCs that can be reached
> > with varying degrees of success for true CERT-level events, however, these
> > are not really the reason that I, and many others, have completely wiped .cn
> > IP space off of our respective Internet maps.
>
> I sympathize, however I think that you will find that thing are starting
> to change slowly.

When it speeds up to the point of making me money, rather than me losing
money, let me know - I'll be happy to open up ;-)

>  The members of CNCERT I have talked with are well
> aware of the problems and appear committed to doing something about it. 
> Their approach (as I understand it) is based on widespread education of
> systems support staff adn improving incident response.  They are
> inviting people to send reports of day to day stuff to CNCERT and they
> will deal with the problems of contacting people within China and making
> sure they are aware of the problems and what to do to fix them.

I have no doubt that much, if not all of .cn is already "aware of the
problems and what to do to fix them", the problem is that they do not care to
do so (also likely based on business decisions).  I'm OK with this - it's
their network, and they can run it the way they like.  On my networks, the
policy stands.
 
> I think that it may be time to reconsider your stance.  As Eugene
> Spafford pointed out at the recent AusCERT conference "By 2005 half the
> population of Internet users will be native speakers of Mandarin". 
> China is not going to go away and will soon be a very major part of the
> market.

Not if they don't clean up their act: I'm not the only one filtering their
traffic.  Just because 1/2 of the Internet's "subscribers" come from .cn
doesn't mean that their traffic is meaningful to _my_ subscribers.  Remember,
this strictly about money - and .cn is a BIG money loser for everyone
_execpt_ .cn right now.


> Cheers, Russell
>
> Russell Fulton, Computer and Network Security Officer,
> The University of Auckland. New Zealand.
 

-- 
Yours, 
J.A. Terranson
sysadmin () mfn org

If Governments really want us to behave like civilized human beings, they
should give serious consideration towards setting a better example:
Ruling by force, rather than consensus; the unrestrained application of
unjust laws (which the victim-populations were never allowed input on in
the first place); the State policy of justice only for the rich and 
elected; the intentional abuse and occassionally destruction of entire
populations merely to distract an already apathetic and numb electorate...
This type of demogoguery must surely wipe out the fascist United States
as surely as it wiped out the fascist Union of Soviet Socialist Republics.

The views expressed here are mine, and NOT those of my employers,
associates, or others.  Besides, if it *were* the opinion of all of
those people, I doubt there would be a problem to bitch about in the
first place...
--------------------------------------------------------------------



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com