Q: What do ISPs really think about security issues?

2008-01-10 Thread Paul Ferguson
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 As some of you may know, my primary job these days is tracking down Bad Guys (tm), identifying threats, etc. But enough of that. One of my primary concerns has been, unsuccessfully, engaging the networking community. Why is that? This "issue" is n

Re: Q: What do ISPs really think about security issues?

2008-01-10 Thread Sean Donelan
On Thu, 10 Jan 2008, Paul Ferguson wrote: ISPs have really, really been absent from the discussion, for various reasons. Cool, ISPs get double damned in only 24 hours. No matter what ISPs do or don't do, someone will think they are being excessive or not doing enough. ISPs have been active

Re: Q: What do ISPs really think about security issues?

2008-01-10 Thread Rob Thomas
On the other hand, if you listen carefully to what ISPs need, you can be fairly effective working with ISPs. However there are practical limits to what an ISP can do. I'll second this point. We've had great luck working with providers globally, but only after folks (such as Sean) took

Re: Q: What do ISPs really think about security issues?

2008-01-10 Thread Suresh Ramasubramanian
On Jan 11, 2008 1:17 AM, Rob Thomas <[EMAIL PROTECTED]> wrote: > I'll second this point. We've had great luck working with providers > globally, but only after folks (such as Sean) took us under their > wing and mentored us on the processes and setups that best help > ISPs. That alone would mak

Re: Q: What do ISPs really think about security issues?

2008-01-10 Thread Paul Ferguson
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- "Suresh Ramasubramanian" <[EMAIL PROTECTED]> wrote: >On Jan 11, 2008 1:17 AM, Rob Thomas <[EMAIL PROTECTED]> wrote: > >> I'll second this point. We've had great luck working with providers >> globally, but only after folks (such as Sean) took u

Re: Q: What do ISPs really think about security issues?

2008-01-10 Thread Sean Donelan
On Fri, 11 Jan 2008, Suresh Ramasubramanian wrote: disclaimer: Names replaced by X, Y and Z solely to render this little story fit for public consumption .. it took place at a nominally closed meeting. It wont take you too long to arrive at reasonably plausible guesses for X, Y and Z, so I will

Re: Q: What do ISPs really think about security issues?

2008-01-10 Thread Suresh Ramasubramanian
On Jan 11, 2008 10:02 AM, Sean Donelan <[EMAIL PROTECTED]> wrote: > That's why I suggested to Rob and other folks the importance of listening > to what they tell you how to work their particular processes. Every large > organization has them, although often the real processes are unwritten. > On