Re: Scaling up Internet Security (was: Scaled Back Cybersecuruty)

[bmanning () vacation karoshi com]

> > > i've had absolutely no luck getting the source isp's to care about
> > > the problems i've seen at my home firewall in recent weeks.
>
> > we try hard to send out
> > correlated and filtered reports in a standardized format to valid
> > 'contact' addresses. There are some success stories, but more misses
> > than hits overall. 
>
> All of this requires an ISAC dedicated to the purpose of analyzing and 
> stamping out network abuse.
>
> --Michael Dillon

        what might be tough is to come up with a universal definition
        of "network abuse".  even harder will be a change in the fundamental
        nature of IP, while maintaining backward compatability with the
        existing technology (source vs destination orientation).

        then there is the problem of "walled gardens"/NATs that allow/encourage
        anonymous behaviour (bad contacts) and the lack of consistant
        standards for maintaining accurate contact data (goofy "privacy"
        laws)...

        the only saving grace is that business relationship you have with
        your immediate peers/transit providers. they can help you from
        seeing stuff you don't want to see.  The trick question is, can 
        the accomodate your desires along with the rest of their 10,000,000
        customers?  Esp. with the technologies available to them?

--bill