On 23/03/2010 12:59, valdis.kletni...@vt.edu wrote:
> And now, you're still acting like you've got new unique insights and going out
> of your way to irritate the very same more experienced people that you probably
> should be trying to learn from, when you haven't bothered to find out that
> yo
On Tue, 23 Mar 2010 11:13:48 BST, Guillaume FORTAINE said:
> I have read with interest this document.
(lots of irrelevant commentary elided - the vast majority of which merely
confirms the point that a lot of people have been doing further research on
issues that we identified a decade and more a
Conclusion : if you can't reply to these fundamental questions, hire a
CISO and build a CSIRT.
I *so* hate making an argument from authority (other than "I think smb
published a paper on that already"), but in your case I'll make an exception.
Go read http://www.sans.org/dosstep/roadma
On Mon, 22 Mar 2010 23:02:02 BST, Guillaume FORTAINE said:
> How much money would you evaluate a security incident on your Cisco device ?
It would depend on which of the 3,000+ Cisco devices on our network had
the incident. And yes, we've got a pretty good estimate (to within $1.57 or
so) of what
Guillaume FORTAINE wrote:
>
> This is a very pertinent question. My reply would be :
>
> How much money would you evaluate a security incident on your Cisco
> device ?
>
> Because, the fundamental questions are :
>
> a) How much value does your network bring to your business ?
>
> b) How much mon
Dear Mister Kletnieks,
Thank you for your reply.
On 03/22/2010 02:08 PM, valdis.kletni...@vt.edu wrote:
So - just how much bigger a check you want to write to Cisco for support
(whether it's a yearly contract, or bundled into the unit's purchase price)?
This is a very pertinent question.
On Sat, 20 Mar 2010 21:06:25 BST, Guillaume FORTAINE said:
> you make an informed security decision. Cisco should examine its
> patching schedule in light of the September 24th announcement; every six
> months is not acceptable.
but then,,,
> 3) Testing, Testing, Testing
>
> In this case we h
On 21 March 2010 23:10, wrote:
> Hey James,
>
> Well, I'm sure that the 140,000,000 is a FUD figure extrapolated by an AV
> vendor rather than an actual audit (:-), but you make a fair point.
>
> That said, I did start wondering how an "Internet User" is defined in the
> stats you pointed to.
On 03/22/10 04:58, Patrick W. Gilmore wrote:
> On Mar 21, 2010, at 9:52 PM, Alex Lanstein wrote:
>
> There is, by the way, no relief from this due to events
> like the recent bust of the Mariposa botnet (13M systems);
>>
>> The public numbers a
On Mar 21, 2010, at 9:52 PM, Alex Lanstein wrote:
There is, by the way, no relief from this due to events like the
recent bust of the Mariposa botnet (13M systems);
>
> The public numbers advertised were 13M _IPs_ connecting to a sinkhole over
> more than a month's time. When I've had
On Sun, 21 Mar 2010 21:37:09 -, James Bensley said:
> On 19 March 2010 14:19, wrote:
> You *do* realize that
> > there's an estimated 140,000,000 bots on the net, right
>
> As many as that? That's 1 in 12 according to
That was Vint Cerf's number as of 2007 or so. He dropped that estimate at
>>>
>>>From: Rich Kulawiec [...@gsp.org]
>>>Sent: Sunday, March 21, 2010 8:43 PM
>>>To: nanog@nanog.org
>>>Subject: Re: NSP-SEC
>>>
>>>There is, by the way, no relief from this due to events lik
On Sun, Mar 21, 2010 at 09:37:09PM +, James Bensley wrote:
> On 19 March 2010 14:19, wrote:
> You *do* realize that
> > there's an estimated 140,000,000 bots on the net, right
>
> As many as that? That's 1 in 12 according to
> http://www.internetworldstats.com/stats.htm.
I think that estima
On 19 March 2010 14:19, wrote:
You *do* realize that
> there's an estimated 140,000,000 bots on the net, right
As many as that? That's 1 in 12 according to
http://www.internetworldstats.com/stats.htm. Let's be honest, I don't
follow the world wide bot crisis because as your figure suggests, its
ju
Guillaume FORTAINE wrote:
> On 03/20/2010 09:12 PM, Gadi Evron wrote:
>>
>> 2. Show you are responsive and responsible in handling issues in your
>> own back yard.
>>
>
> http://docs.google.com/viewer?a=v&q=cache:ENEl1xrgXNwJ:https://ow.feide.no/_media/geantcampus:s5.2-flows_at_mu.pdf%3Fid%3Dgeantc
On 03/20/2010 09:12 PM, Gadi Evron wrote:
2. Show you are responsive and responsible in handling issues in your
own back yard.
http://docs.google.com/viewer?a=v&q=cache:ENEl1xrgXNwJ:https://ow.feide.no/_media/geantcampus:s5.2-flows_at_mu.pdf%3Fid%3Dgeantcampus%253Anetw_monitoring_oct_2009%2
On Sat, 20 Mar 2010, Hank Nussbacher wrote:
How exactly would being transparent for the following help Internet security:
"I am seeing a new malware infection vector via port 91714 coming from the IP
range of 32.0.0.0/8 that installs a rootkit after visiting the web page
http://www.trythisou
On Sat, 20 Mar 2010, William Pitcock wrote:
What I mean is: why can't anyone contribute valuable information to the
security community? It is next to impossible to meet so-called 'trusted
people' if you're new to the game, which is counter-productive.
How do I break into show business?
http://
On Sat, 2010-03-20 at 22:12 +0200, Gadi Evron wrote:
> On 3/20/10 8:37 PM, William Pitcock wrote:
> > That is not what I mean and you know it.
>
> What do you mean then? Hank made a good point on the type of traffic
> normally going through these groups.
My point hasn't much to do with the NSP-S
On 3/20/10 10:06 PM, Guillaume FORTAINE wrote:
Same exercise can be repeated for most vendors you can choose.
I would counter argue by quoting this article :
I made it a goal in life to study many things, among them rhetoric.
Another is culture.
One basic question you should ask yourself
On 3/20/10 8:37 PM, William Pitcock wrote:
That is not what I mean and you know it.
What do you mean then? Hank made a good point on the type of traffic
normally going through these groups.
What I mean is: why can't anyone contribute valuable information to the
security community? It is ne
On Sat, 20 Mar 2010, William Pitcock wrote:
If you're a 15 year old kid and you just discovered a way to own the
latest IOS, for example, how do you know who to tell about it?
Read the manual? Most products and open source projects have a manual
which includes information about contacting the
If I was such a clever 15 year old I would go to Google and enter
"contacting cisco ios security"
which would lead me to ->
http://www.cisco.com/en/US/products/products_security_advisories_listing.html
which would lead me to ->
http://www.cisco.com/en/US/products/products_security_vulnerabil
On 03/20/2010 07:37 PM, William Pitcock wrote:
On Sat, 2010-03-20 at 20:30 +0200, Hank Nussbacher wrote:
On Fri, 19 Mar 2010, William Pitcock wrote:
On Fri, 2010-03-19 at 08:31 -0500, John Kristoff wrote:
An ongoing area of work is to build better closed,
trusted communities
On Sat, 20 Mar 2010, William Pitcock wrote:
What I mean is: why can't anyone contribute valuable information to the
security community? It is next to impossible to meet so-called 'trusted
people' if you're new to the game, which is counter-productive.
If you're a 15 year old kid and you just d
On Sat, 20 Mar 2010, William Pitcock wrote:
If you're a 15 year old kid and you just discovered a way to own the
latest IOS, for example, how do you know who to tell about it?
Report the issue to the vendor? This is pretty common practice today.
jms
On Sat, 2010-03-20 at 20:30 +0200, Hank Nussbacher wrote:
> On Fri, 19 Mar 2010, William Pitcock wrote:
>
> > On Fri, 2010-03-19 at 08:31 -0500, John Kristoff wrote:
> >> An ongoing area of work is to build better closed,
> >> trusted communities without leaks.
> >
> > Have you ever considered tha
On Fri, 19 Mar 2010, William Pitcock wrote:
On Fri, 2010-03-19 at 08:31 -0500, John Kristoff wrote:
An ongoing area of work is to build better closed,
trusted communities without leaks.
Have you ever considered that public transparency might not be a bad
thing? This seems to be the plight of
On Fri, Mar 19, 2010 at 8:42 AM, Leo Bicknell wrote:
>
> I'd like to nominate this for the Best of Nanog 2010.
+1. Does the nomination include a sample ?
J
On Fri, 19 Mar 2010, William Pitcock wrote:
On Fri, 2010-03-19 at 08:31 -0500, John Kristoff wrote:
An ongoing area of work is to build better closed,
trusted communities without leaks.
Have you ever considered that public transparency might not be a bad
thing? This seems to be the plight of
If we had that, no secrecy would be needed.
But anyone who thinks publishing everything we learn about the miscreants is a
Good Idea, has never tried to take out a botnet or snow-shoe spammer or ...
Me, an evolvable malware :
http://docs.google.com/viewer?url=http://www.genetic-programming.
> When the Sun shines upon Earth, 2 - major Time points are created on
> opposite sides of Earth - known as Midday and Midnight. Where the 2
> major Time forces join, synergy creates 2 new minor Time points we
> recognize as Sunup and Sundown. The 4-equidistant Time points can be
> considered as Ti
On 3/19/10 6:42 AM, Leo Bicknell wrote:
I'd like to nominate this for the Best of Nanog 2010.
I'd like to second/third/whatever that nomination as well. :)
Epic win. Not only did it make me fall off the chair laughing, but I
highly doubt Fortaine will understand why it's so funny.
Paul,
--- On Fri, 3/19/10, Adam Stasiniewicz wrote:
> IMHO, I think you have it
> backwards. I see strategic discussions (like
> new crypto algorithms, technologies, initiatives, etc)
> should be open to
> public debate, review, and scrutiny. But
> operational/tactical discussions
> (like new malware,
On Fri, 19 Mar 2010 10:08:55 CDT, Adam Stasiniewicz said:
> IMHO, I think you have it backwards. I see strategic discussions (like
> new crypto algorithms, technologies, initiatives, etc) should be open to
> public debate, review, and scrutiny. But operational/tactical discussions
> (like new mal
nanog@nanog.org
Subject: Re: NSP-SEC
Total transparency in security matters works about as well as it would for
law enforcement: fine for tactical concerns, but not so great for
long-term strategic concerns.
-David Barak
On Fri Mar 19th, 2010 9:44 AM EDT William Pitcock wrote:
>On Fri, 2010-03-19
On Fri, 19 Mar 2010 04:43:18 BST, Guillaume FORTAINE said:
> First question : Why was I able to find this mail on the Internet if it
> should be kept secret ?
Congratulations. You found an example of a mailing list where applying a
standard disclaimer by default *does* make sense, which then go
On Mar 19, 2010, at 9:56 AM, bmann...@vacation.karoshi.com wrote:
> On Fri, Mar 19, 2010 at 08:44:29AM -0500, William Pitcock wrote:
>> On Fri, 2010-03-19 at 08:31 -0500, John Kristoff wrote:
>>> An ongoing area of work is to build better closed,
>>> trusted communities without leaks.
>>
>> Have
There are some out there..Infragard?(shrugs shoulders)..
-Original Message-
From: bmann...@vacation.karoshi.com
[mailto:bmann...@vacation.karoshi.com]
Sent: Friday, March 19, 2010 9:57 AM
To: William Pitcock
Cc: nanog@nanog.org
Subject: Re: NSP-SEC - should read Integrity
On
On Fri, Mar 19, 2010 at 08:44:29AM -0500, William Pitcock wrote:
> On Fri, 2010-03-19 at 08:31 -0500, John Kristoff wrote:
> > An ongoing area of work is to build better closed,
> > trusted communities without leaks.
>
> Have you ever considered that public transparency might not be a bad
> thing
Total transparency in security matters works about as well as it would for law
enforcement: fine for tactical concerns, but not so great for long-term
strategic concerns.
-David Barak
On Fri Mar 19th, 2010 9:44 AM EDT William Pitcock wrote:
>On Fri, 2010-03-19 at 08:31 -0500, John Kristoff wro
On Fri, 19 Mar 2010 06:42:44 PDT, Leo Bicknell said:
> I'd like to nominate this for the Best of Nanog 2010.
Amen to that. As the Jargon File says, "C|N>K". Unfortunately, I was
eating breakfast, and it was corn flakes not coffee. Ouch.
On Fri, 2010-03-19 at 08:31 -0500, John Kristoff wrote:
> An ongoing area of work is to build better closed,
> trusted communities without leaks.
Have you ever considered that public transparency might not be a bad
thing? This seems to be the plight of many security people, that they
have to be
I'd like to nominate this for the Best of Nanog 2010.
In a message written on Fri, Mar 19, 2010 at 02:50:37AM -0700, Paul WALL wrote:
> On Thu, Mar 18, 2010 at 8:43 PM, Guillaume FORTAINE
> wrote:
> > Misses, Misters,
>
> You forgot the ballers, shot callers, brawlers, those who dippin' in
> t
On Fri, 19 Mar 2010 04:43:18 +0100
Guillaume FORTAINE wrote:
> First question : Why was I able to find this mail on the Internet if
> it should be kept secret ?
nsp-security was originally formed out of the dissatisfaction with
other so-called private collaborative channels back when it was form
On Thu, Mar 18, 2010 at 8:43 PM, Guillaume FORTAINE wrote:
> Misses, Misters,
You forgot the ballers, shot callers, brawlers, those who dippin' in
the benz with the spoilers. [0]
> I would want to inform you that the security of the Internet, that is
> discussed in the NSP-SEC mailing-list [0] b
On Thu, 2010-03-18 at 23:52 -0400, Patrick W. Gilmore wrote:
> On Mar 18, 2010, at 11:46 PM, William Pitcock wrote:
>
> > Few people actually care about nsp-sec so what exactly are you getting at?
>
> I might argue the "few" comment, but I think it's better not to reply to
> Guillaume so people
On 03/19/2010 04:52 AM, Patrick W. Gilmore wrote:
On Mar 18, 2010, at 11:46 PM, William Pitcock wrote:
Few people actually care about nsp-sec so what exactly are you getting at?
I might argue the "few" comment
Could you argue, if possible, please ?
I look forward to your answe
On Mar 18, 2010, at 11:46 PM, William Pitcock wrote:
> Few people actually care about nsp-sec so what exactly are you getting at?
I might argue the "few" comment, but I think it's better not to reply to
Guillaume so people who are smart enough to not see his posts (which would be
quite a bit mo
Why respond to an obvious troll?
Regards,
-drc
On Mar 18, 2010, at 8:46 PM, William Pitcock wrote:
> Hello,
>
> Few people actually care about nsp-sec so what exactly are you getting at?
>
> "Guillaume FORTAINE" wrote:
...
Hello,
Few people actually care about nsp-sec so what exactly are you getting at?
"Guillaume FORTAINE" wrote:
>Misses, Misters,
>
>I would want to inform you that the security of the Internet, that is
>discussed in the NSP-SEC mailing-list [0] by a selected group of vendors
>(Cisco, Juniper &