nanog mailing list archives

Re: NSP-SEC

From: Hank Nussbacher <hank () efes iucc ac il>
Date: Sat, 20 Mar 2010 20:47:45 +0200 (IST)

On Sat, 20 Mar 2010, William Pitcock wrote:

What I mean is: why can't anyone contribute valuable information to the
security community?  It is next to impossible to meet so-called 'trusted
people' if you're new to the game, which is counter-productive.

If you're a 15 year old kid and you just discovered a way to own the
latest IOS, for example, how do you know who to tell about it?

If I was such a clever 15 year old I would go to Google and enter"contacting cisco ios security"

which would lead me to ->
http://www.cisco.com/en/US/products/products_security_advisories_listing.html
which would lead me to ->
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
Same exercise can be repeated for most vendors you can choose.

-Hank

Current thread:

Re: NSP-SEC, (continued)
- - Re: NSP-SEC William Pitcock (Mar 19)
    - Re: NSP-SEC - should read Integrity bmanning (Mar 19)
    - RE: NSP-SEC - should read Integrity Green, Tim R (Mar 19)
    - Re: NSP-SEC - should read Integrity Patrick W. Gilmore (Mar 19)
    - Re: NSP-SEC - should read Integrity Guillaume FORTAINE (Mar 19)
    - Open Security (was Re:[a string that stops delivery here]) Larry Sheldon (Mar 19)
    - Re: NSP-SEC Justin M. Streiner (Mar 19)
    - Re: NSP-SEC Hank Nussbacher (Mar 20)
    - Re: NSP-SEC William Pitcock (Mar 20)
    - Re: NSP-SEC Justin M. Streiner (Mar 20)
    - Re: NSP-SEC Hank Nussbacher (Mar 20)
    - Re: NSP-SEC Guillaume FORTAINE (Mar 20)
    - Re: NSP-SEC Gadi Evron (Mar 20)
    - Re: NSP-SEC Valdis . Kletnieks (Mar 22)
    - Re: NSP-SEC Guillaume FORTAINE (Mar 22)
    - Re: NSP-SEC Randy Bush (Mar 22)
    - Re: NSP-SEC Andrew D Kirch (Mar 22)
    - Re: NSP-SEC Valdis . Kletnieks (Mar 22)
    - Re: NSP-SEC Guillaume FORTAINE (Mar 23)
    - Re: NSP-SEC Valdis . Kletnieks (Mar 23)
    - Re: NSP-SEC Nick Hilliard (Mar 23)

(Thread continues...)