Re: Re: China Experience ?

[Nick FitzGerald <nick () virus-l demon co uk>]

Chris Brenton <cbrenton () altenet com> wrote:

> Again, I concur. Up till recently .cn was blocked from accessing
> sans.org, incident.org, dshield.org, whitehats.ca, 3 financial
> institutions and a host of other .org and .com's under my wing. If they
> can't play nice why let them play at all.

How recently?

What made you change your mind?

It wasn't the boss saying "Hey -- we want Chinese admins to be able 
to learn about better security initiatives from [sans|incidents]"?

Seems kinda "head in the sand" to keep the admins from the reputed 
"worst offenders" away from some of the reputed best suppliers of 
"how to do it better" information...

> In my spare time I teach the Perimeter track for SANS. One thing I'm
> *very* big on with my students is banning subnets that are high
> maintenance and provide no value add. For example, if you don't do
> business with .cn's, why expose yourself to attack from this source?

Have you recently added a segment on "Why it is not the network 
admin's job to decide who your employer does business with"?    8-)


-- 
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com