North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Hi, we're from the government and we're here to help
At 06:18 PM 03/09/2000 -0800, Sean Donelan wrote: >The problem is with providers without famous people and too many people, >so they don't know each other. If you don't already know someone at, for >example, NTT or BT or Qwest, navigating through their public contacts >usually doesn't get you too far. > >What may be interesting is looking at how other industries handle the >problem. Interestingly enough, there are a couple of very useful documents which have come out of the IETF GRIP (Guidelines and Recommendations for Security Incident Processing) Working Group: RFC2350 (BCP21): "Expectations for Computer Security Incident Response", N. Brownlee, E. Guttman, June 1998. http://www.ietf.org/rfc/rfc2350.txt "Security Expectations for Internet Service Providers", draft-ietf-grip-isp-expectations-03.txt, T. Killalea, February 2000. http://www.ietf.org/internet-drafts/draft-ietf-grip-isp-expectations-03.txt "Security Checklist for Internet Service Provider (ISP) Consumers", draft-ietf-grip-user-02.txt, T. Hansen, June 1999. http://www.ietf.org/internet-drafts/draft-ietf-grip-user-02.txt "Site Security Handbook Addendum for ISP's", draft-ietf-grip-ssh-add-00.txt, T. Debeaupuis, August 1999. http://www.ietf.org/internet-drafts/draft-ietf-grip-ssh-add-00.txt In fact, draft-ietf-grip-isp-expectations-03 just went to Last Call in the IETF prior to being advanced as a BCP. - paul
|