North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Broadband routers and botnets - being proactive

  • From: Ian Mason
  • Date: Wed May 16 01:10:04 2007


On 16 May 2007, at 00:53, Joel Jaeggli wrote:

[snip]

The thing is it would be really nice to have some functional separation
between the business of this list which is operating a network, and the
security focused lists, and the botnet/phishing/spam lists, addressing
policy lists, the internet standards list, and so forth.


While there persists an attitude that security isn't a core part of
running a network there will continue to be insecure networks flooded
with spam, phishing, botnets et al. I've been running wide area networks
since 1995 and I've always seen security as an operational network issue
and moreover I find incomprehensible an attitude that sees it otherwise.

You and I and lots of other people on this list are on on many or all of
those sorts of lists. While cross-pollination is acceptable and in fact
desired dragging the business of one group of community interests in to
the domain of another is not appropriate.

In the particular case of Gadi, I resent the persistent grandstanding
and offers of assistance and assurances that's he's on the job. That's
essentially all advertising for his consulting business and I don't
think it's appropriate on this list. I for one do not flog the products
of my employer on this list, nor do you, or most other people who
participate.

While Gabi is voluble I don't concur. I've never formed the impression
that he's advertising anything other than the problem or some [possible]
solutions. I've certainly never felt he was advertising his paid services
- so much so that this is the first time I was explicitly aware that he
offers paid consultancy in this area, if that is indeed the case.


I tolerate this sort of behavior in the security arena (read bugtrac
these days) though I resent the fact that it's de rigeur in the space
for many disclosures to essentially be advertising for the consultants
doing the work, virus updates are advertising for anti-virus companies etc.

[snip]

Can I please make a [probably futile] request.

If someone thinks something is off-topic but the subject matter is even
conceivably marginally on-topic - just skip the post. Don't start a long
discussion of the relevance. Inevitably the discussion of topicality takes up
more time and attention than the original subject would have. Whenever I see
this happen I always suspect that the operational issue is really that the
complainants don't have enough real operational work to do and I wish I had
their cushy job.