North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: Country of Origin for Malicious Attacks
- From: Jamie Reid
- Date: Thu Jun 26 21:52:44 2003
I've found that country of origin is less relevant than route/subnet and ASN, as there
is a link between the address and the people in a position to actually respond to the problem.
I'd be interested in knowing how linking aggregated attack information to country of
origin is actually valuable relative to our ability to respond to it.
Cheers,
-j
--
Jamie.Reid, CISSP, jamie.reid@mbs.gov.on.ca
Senior Security Specialist, Information Protection Centre
Corporate Security, MBS
416 327 2324
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2800.1106" name=GENERATOR></HEAD>
<BODY style="MARGIN-TOP: 2px; FONT: 8pt Tahoma; MARGIN-LEFT: 2px">
<DIV><FONT size=1></FONT> </DIV>
<DIV><FONT size=1>I've found that country of origin is less relevant than
route/subnet and ASN, as there</FONT></DIV>
<DIV><FONT size=1>is a link between the address and the people in a position to
actually respond to the problem. </FONT></DIV>
<DIV><FONT size=1></FONT> </DIV>
<DIV><FONT size=1>I'd be interested in knowing how linking aggregated attack
information to country of </FONT></DIV>
<DIV><FONT size=1>origin is actually valuable relative to our ability to respond
to it. </FONT></DIV>
<DIV><FONT size=1></FONT> </DIV>
<DIV><FONT size=1>Cheers, </FONT></DIV>
<DIV><FONT size=1></FONT> </DIV>
<DIV><FONT size=1>-j</FONT></DIV>
<DIV><FONT size=1></FONT> </DIV>
<DIV><FONT size=1></FONT> </DIV>
<DIV> </DIV>
<DIV><FONT size=1>--<BR>Jamie.Reid, CISSP, <A
href="mailto:jamie.reid@mbs.gov.on.ca";>jamie.reid@mbs.gov.on.ca</A><BR>Senior
Security Specialist, Information Protection Centre <BR>Corporate Security,
MBS <BR>416 327 2324 </FONT></DIV></BODY></HTML>
|
