Re: NSP-SEC

Guillaume FORTAINE Tue, 23 Mar 2010 03:14:57 -0700

Conclusion : if you can't reply to these fundamental questions, hire a
CISO and build a CSIRT.

<sigh>  I *so* hate making an argument from authority (other than "I think smb
published a paper on that already"), but in your case I'll make an exception.


Go read http://www.sans.org/dosstep/roadmap.php

Read the date, read the signatories.


I have read with interest this document.

1) Remarks :

-Bill Clinton is no longer the president of USA . Howard Schmidt is thenew cybersecurity czar :


http://www.facebook.com/howardas

(By the way, Gadi Evron is in his Facebook friends ?!?)


2) Notes :

a) Problem 1: Spoofing & Problem 2: Broadcast Amplification

http://docs.google.com/viewer?url=http://www.dca.fee.unicamp.br/~chesteve/pubs/LIPSIN_sigcomm2009_jokela.pdf



b) Problem 3: Lack of Appropriate Response To Attacks

http://docs.google.com/viewer?url=http://nanog.org/meetings/nanog47/presentations/Sunday/Green_Top10_Security_N47_Sun.pdf



c) Problem 4: Unprotected Computers

http://docs.google.com/viewer?url=http://www.whitehouse.gov/files/documents/cyber/Gourley_Bob_Open_Source_Software_and_Cyber_Defense_01_April_2009.pdf

Ask yourself if you *really* want to be
telling me that we need to build a CSIRT. (Answer - our CIRT was up and
running back in 1991, and was well-known in 2000. So no, we don't need advice
on how to start one.


VT-CIRT :

http://docs.google.com/viewer?url=http://www.it.vt.edu/publications/annualreports/annualreport2007-2008.pdf

o Students designed, built, and are maintaining the vulnerability scanengines that are

the core of the www.ids.cirt.vt.edu site.



CSIRT-MU :

http://docs.google.com/viewer?url=http://www.vabo.cz/spi/2009/presentations/03/02-celeda_rehak_CAMNEP_no_video.pdf

Project Results

Further Information:

3 Journal papers, including IEEE Intelligent Systems
20+ conference papers (RAID, AAMAS, IAT, FloCon,...)

How to get it?

University startups:

-INVEA-TECH a.s. - FlowMon probes, collectors for high-speed datamonitoring (with MU, VUT and CESNET)-Cognitive Security s.r.o. - CAMNEP system for real-time data mining(with CTU)


Supported by:

U.S. ARMY RDECOM-CERDEC, CESNET, Czech MOD

  We've got literally man-centuries of experience in running
one already. By the way, where were you in 1991?)

In 1991, I was in primary school. In 2000, the date of your link, I gotmy first access to Internet. And now ? ;) !



Best Regards,

Guillaume FORTAINE

Re: NSP-SEC

Reply via email to