>I'm wondering if this is the start of an end-run around the usual
>community practice of contacting technical contacts during incidents?
I hope not. I have handled serveral incidents where I contacted
(out-of-band) the Technical Contact and they were unaware of the
compromise and were very willing to assist to nip the compromise
at a somewhat early stage. Factor in work load of an NIPC agent
and priority given to an incident, how long would notification take?
Depending on the Incident, I say contact whoever your legal authorities
may be and the contacts for the source network/host.
--
-----------------------------------------------------------------------
Dominick Glavach, Senior IS Security/System Engineer [EMAIL PROTECTED]
Concurrent Technologies Corporation 814/269-2469
PGP fingerprint: F1 EB F3 DE 69 93 80 BF 00 14 77 E9 8B 61 A8 73
PGP Public Key : ftp.ctc.com/pub/PGP-keys/glavach.asc
-----------------------------------------------------------------------
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
