North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: NANOG 44 (Los Angeles): ISP Security BOF
On Fri, 3 Oct 2008, Christopher Morrow wrote:
relevant information in a useful format about abuse/use of their downstream networks. When I was at AS701 there were consistently folks who'd say this or that customer is obviously bad, why hadn't we disconnected them? When looking through abuse tickets for issues we could bring to management as ammo for disconnection often a majority of complaints related to the customer in question were not complete, didn't have enough information, didn't have ANY information in them.
Is it that time of the year again for our annual discussion?
There is a large crowd of motivated people, but often they don't seem to know how to put together everything they've down into an actionable package. They get frustrated, and it usually declines into the ISP's suck debate. Even security vendors selling things don't understand what is needed to quickly process abuse complaints (e.g. many examples from useless logs generated by IDS/personal firewalls).
Would some current (or former, since the lawyers get a bit antsy) abuse desk folks from ISPs like to talk about putting together a training session about how to build and present an effective network abuse case
to an ISP/LEA?