North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Country of Origin for Malicious Attacks
I've found that country of origin is less relevant than route/subnet and ASN, as there is a link between the address and the people in a position to actually respond to the problem. I'd be interested in knowing how linking aggregated attack information to country of origin is actually valuable relative to our ability to respond to it. Cheers, -j -- Jamie.Reid, CISSP, [email protected] Senior Security Specialist, Information Protection Centre Corporate Security, MBS 416 327 2324 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=Content-Type content="text/html; charset=iso-8859-1"> <META content="MSHTML 6.00.2800.1106" name=GENERATOR></HEAD> <BODY style="MARGIN-TOP: 2px; FONT: 8pt Tahoma; MARGIN-LEFT: 2px"> <DIV><FONT size=1></FONT> </DIV> <DIV><FONT size=1>I've found that country of origin is less relevant than route/subnet and ASN, as there</FONT></DIV> <DIV><FONT size=1>is a link between the address and the people in a position to actually respond to the problem. </FONT></DIV> <DIV><FONT size=1></FONT> </DIV> <DIV><FONT size=1>I'd be interested in knowing how linking aggregated attack information to country of </FONT></DIV> <DIV><FONT size=1>origin is actually valuable relative to our ability to respond to it. </FONT></DIV> <DIV><FONT size=1></FONT> </DIV> <DIV><FONT size=1>Cheers, </FONT></DIV> <DIV><FONT size=1></FONT> </DIV> <DIV><FONT size=1>-j</FONT></DIV> <DIV><FONT size=1></FONT> </DIV> <DIV><FONT size=1></FONT> </DIV> <DIV> </DIV> <DIV><FONT size=1>--<BR>Jamie.Reid, CISSP, <A href="mailto:[email protected]">[email protected]</A><BR>Senior Security Specialist, Information Protection Centre <BR>Corporate Security, MBS <BR>416 327 2324 </FONT></DIV></BODY></HTML>
|