North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Hi, we're from the government and we're here to help

  • From: Sean Donelan
  • Date: Thu Mar 09 17:58:19 2000

Operational, only in the sense it disrupts our operations

An interesting article which reviews some of the history and some
perspective on the government response to the denial of service
attacks.  Unfortunately, its even worse.

Before the FBI created the NIPC, the NTIA/Department of Commerce was
tasked with Internet protection.  I went to one of the meetings at
DOC.  It felt like a cold war contractor unemployment office. The NTIA
eventually appointed three groups to represent the interests of the
Internet in cyber-security.  Anyone know/remember who those groups were?

Earlier, the government created the Critical Infrastructure Assurance
Office.  Before that there was a commission, but the Internet wasn't
really considered an "interesting" infrastructure at that time.

The US Government as been amazingly pro-active in this area, or at least
some small groups have been.  They've also consistently said the government
can't protect the Internet.  The infrastructure is owned by private companies
and individuals; and industry has to work together to protect it.

The question is does industry think its worthwhile to work together?

After several major disruptions received at lot of media attention, IOPS
was formed.  Later members like UUNET dropped out.

After the DOS attacks, several providers announced their Gold Ribbon initiative.
Have any providers actually taking concrete steps to change their networks?

The IESG has a last call for a Best Common Practice on Internet security.
Will any provider actually follow it?

There is a barely used $50 million center in Washington we can probably buy
real cheap if folks think we'll ever need an emergency response coordination
center in the future.