North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: Hi, we're from the government and we're here to help
- From: Paul Ferguson
- Date: Thu Mar 09 21:50:25 2000
At 06:18 PM 03/09/2000 -0800, Sean Donelan wrote:
>The problem is with providers without famous people and too many people,
>so they don't know each other. If you don't already know someone at, for
>example, NTT or BT or Qwest, navigating through their public contacts
>usually doesn't get you too far.
>
>What may be interesting is looking at how other industries handle the
>problem.
Interestingly enough, there are a couple of very useful documents
which have come out of the IETF GRIP (Guidelines and Recommendations
for Security Incident Processing) Working Group:
RFC2350 (BCP21): "Expectations for Computer Security Incident
Response", N. Brownlee, E. Guttman, June 1998.
http://www.ietf.org/rfc/rfc2350.txt
"Security Expectations for Internet Service Providers",
draft-ietf-grip-isp-expectations-03.txt, T. Killalea,
February 2000.
http://www.ietf.org/internet-drafts/draft-ietf-grip-isp-expectations-03.txt
"Security Checklist for Internet Service Provider (ISP)
Consumers", draft-ietf-grip-user-02.txt, T. Hansen, June 1999.
http://www.ietf.org/internet-drafts/draft-ietf-grip-user-02.txt
"Site Security Handbook Addendum for ISP's",
draft-ietf-grip-ssh-add-00.txt, T. Debeaupuis, August 1999.
http://www.ietf.org/internet-drafts/draft-ietf-grip-ssh-add-00.txt
In fact, draft-ietf-grip-isp-expectations-03 just went to Last Call
in the IETF prior to being advanced as a BCP.
- paul
|
