nanog mailing list archives
Re: NSP-SEC
From: Guillaume FORTAINE <gfortaine () live com>
Date: Tue, 23 Mar 2010 11:13:48 +0100
Conclusion : if you can't reply to these fundamental questions, hire a CISO and build a CSIRT.<sigh> I *so* hate making an argument from authority (other than "I think smb published a paper on that already"), but in your case I'll make an exception. Go read http://www.sans.org/dosstep/roadmap.php Read the date, read the signatories.
I have read with interest this document. 1) Remarks :-Bill Clinton is no longer the president of USA . Howard Schmidt is the new cybersecurity czar :
http://www.facebook.com/howardas (By the way, Gadi Evron is in his Facebook friends ?!?) 2) Notes : a) Problem 1: Spoofing & Problem 2: Broadcast Amplification http://docs.google.com/viewer?url=http://www.dca.fee.unicamp.br/~chesteve/pubs/LIPSIN_sigcomm2009_jokela.pdf b) Problem 3: Lack of Appropriate Response To Attacks http://docs.google.com/viewer?url=http://nanog.org/meetings/nanog47/presentations/Sunday/Green_Top10_Security_N47_Sun.pdf c) Problem 4: Unprotected Computers http://docs.google.com/viewer?url=http://www.whitehouse.gov/files/documents/cyber/Gourley_Bob_Open_Source_Software_and_Cyber_Defense_01_April_2009.pdf
Ask yourself if you *really* want to be telling me that we need to build a CSIRT. (Answer - our CIRT was up and running back in 1991, and was well-known in 2000. So no, we don't need advice on how to start one.
VT-CIRT : http://docs.google.com/viewer?url=http://www.it.vt.edu/publications/annualreports/annualreport2007-2008.pdfo Students designed, built, and are maintaining the vulnerability scan engines that are
the core of the www.ids.cirt.vt.edu site. CSIRT-MU : http://docs.google.com/viewer?url=http://www.vabo.cz/spi/2009/presentations/03/02-celeda_rehak_CAMNEP_no_video.pdf Project Results Further Information: 3 Journal papers, including IEEE Intelligent Systems 20+ conference papers (RAID, AAMAS, IAT, FloCon,...) How to get it? University startups:-INVEA-TECH a.s. - FlowMon probes, collectors for high-speed data monitoring (with MU, VUT and CESNET) -Cognitive Security s.r.o. - CAMNEP system for real-time data mining (with CTU)
Supported by: U.S. ARMY RDECOM-CERDEC, CESNET, Czech MOD
We've got literally man-centuries of experience in running one already. By the way, where were you in 1991?)
In 1991, I was in primary school. In 2000, the date of your link, I got my first access to Internet. And now ? ;) !
Best Regards, Guillaume FORTAINE
Current thread:
- Re: NSP-SEC, (continued)
- Re: NSP-SEC William Pitcock (Mar 20)
- Re: NSP-SEC Justin M. Streiner (Mar 20)
- Re: NSP-SEC Hank Nussbacher (Mar 20)
- Re: NSP-SEC Guillaume FORTAINE (Mar 20)
- Re: NSP-SEC Gadi Evron (Mar 20)
- Re: NSP-SEC Valdis . Kletnieks (Mar 22)
- Re: NSP-SEC Guillaume FORTAINE (Mar 22)
- Re: NSP-SEC Randy Bush (Mar 22)
- Re: NSP-SEC Andrew D Kirch (Mar 22)
- Re: NSP-SEC Valdis . Kletnieks (Mar 22)
- Re: NSP-SEC Guillaume FORTAINE (Mar 23)
- Re: NSP-SEC Valdis . Kletnieks (Mar 23)
- Re: NSP-SEC Nick Hilliard (Mar 23)
- Re: NSP-SEC Guillaume FORTAINE (Mar 20)
- Re: NSP-SEC Sean Donelan (Mar 20)
- Re: NSP-SEC Gadi Evron (Mar 20)
- Re: NSP-SEC William Pitcock (Mar 20)
- Re: NSP-SEC Guillaume FORTAINE (Mar 21)
- Re: NSP-SEC Andrew D Kirch (Mar 21)
- Re: NSP-SEC Sean Donelan (Mar 20)
- Re: NSP-SEC George Imburgia (Mar 20)