[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

Subject: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]
From: fergdawgster at gmail.com (Paul Ferguson)
Date: Sat, 13 Dec 2008 00:44:32 -0800
In-reply-to: <[email protected]>
References: <[email protected]>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Not in the habit of responding to my e-mail, but...

On Sat, Dec 13, 2008 at 12:29 AM, Paul Ferguson <fergdawgster at gmail.com>
wrote:

>
> On Sat, Dec 13, 2008 at 12:22 AM, James Hess <mysidia at gmail.com> wrote:
>
>>
>> An in-depth strategy with hundreds or thousands of factors  examined
>> results in a smaller
>> (but still present) possibility of the filter/detector being fooled.
>>
>> IP-based methods can be combined with the other stronger analysis of
>> transaction details and other info that can be gathered about a
>> submitter  for detection of attempted abuse.
>>
>
> Personally, I don;t NANOG is the proper forum for this discussion.
>
> There are other forums, however, which do follow these issues -- some
> public, some private.
>
> If folks think that people are not "doing" massive correlation of
> criminal activity on the Internet, they would be mistaken.
>

The point I am trying to make here is that ISPs should much more engaged in
this entire process.

In the not-so-distant past, I have tried to engage the ISP community (via
NANOG, at NANOG meetings) to get involved in the fight against cyber crime,
with lackluster response -- unfortunately.

If this problem is ever going to get reduced to a manageable level, ISPs
must play a critical role -- one which they have not been willing
participants to this day. ISPs have been (one of) the missing links here.

Of course, there are very responsible ISPs out there who handle these issue
when they are brought to their attention, and they deserve kudos -- but
unfortunately, they are are in the minority.

This community should be asking itself why that is... and figuring out way
to deal with it responsibly.

$.02,

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)

wj8DBQFJQ3Xpq1pz9mNUZTMRAuloAKDydG8eb0Le53iKzgLdVYzFi/LQ8ACfY9GA
5wqCM9bn9baQnBARNNRIb0Q=
=mzwy
-----END PGP SIGNATURE-----

-- 
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawgster(at)gmail.com
 ferg's tech blog: http://fergdawg.blogspot.com/

Follow-Ups:
- Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]
  - From: randy at psg.com (Randy Bush)

References:
- Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]
  - From: fergdawgster at gmail.com (Paul Ferguson)

Prev by Date: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]
Next by Date: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]
Previous by thread: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]
Next by thread: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]
Index(es):
- Date
- Thread