Re: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

2008-12-21 Thread Sean Donelan
On Sat, 20 Dec 2008, Randy Bush wrote: unfortunately snort does not really scale to a larger provider. and, to the best of my poor knowledge, good open source tools to black-hole/redirect botted users are not generally available. universities have some that are good at campus and enterprise sc

Re: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

2008-12-20 Thread Luke S Crawford
"Brandon Galbraith" writes: > But it's definitely not cool when my credit card company cuts off my card > due to "abnormal charges" when I'm abroad and suddenly can't get ahold of > customer service via their international phone number. Automation in the > right places works wonders for both conve

Re: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

2008-12-19 Thread Brandon Galbraith
On 12/20/08, Seth Mattinen wrote: > > > I like automation. It has rules and follows them. The rules are posted > ahead of time for all to see. Most of the time people are happy to see the > automated system put a stop to some kind of potential disaster before it has > time to cause more damage. It

Re: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

2008-12-19 Thread Seth Mattinen
Luke S Crawford wrote: Randy Bush writes: speaking as a small provider, I can tell you that I find running snort against my inbound traffic does reduce the cost of running an abuse desk. I do catch offenders before I get abuse@ complaints, sometimes. unfortunately snort does not really scale

Re: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

2008-12-19 Thread Luke S Crawford
Randy Bush writes: > > speaking as a small provider, I can tell you that I find running snort > > against my inbound traffic does reduce the cost of running an abuse desk. > > I do catch offenders before I get abuse@ complaints, sometimes. > > unfortunately snort does not really scale to a large

Re: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

2008-12-19 Thread Nathan Ward
On 20/12/2008, at 4:23 PM, Randy Bush wrote: speaking as a small provider, I can tell you that I find running snort against my inbound traffic does reduce the cost of running an abuse desk. I do catch offenders before I get abuse@ complaints, sometimes. unfortunately snort does not really

Re: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

2008-12-19 Thread Joel Esler
On Dec 19, 2008, at 10:23 PM, Randy Bush allegedly wrote: unfortunately snort does not really scale to a larger provider. I respectfully disagree. I have very large entities with A LOT of traffic running through Snort. However, they are also using my company's products. I work for Source

Re: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

2008-12-19 Thread Randy Bush
be specific, like "if you run X tools the payoff will be Y." Yes. And where is the appropriate form for this? there must be some operators' list somewhere. > it doesn't seem like the sort of thing NANOG is for yep. nanog is for whining about it, not doing/saying something actually construc

Re: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

2008-12-19 Thread Luke S Crawford
Randy Bush writes: > be specific, like "if you run X tools the payoff will be Y." Yes. And where is the appropriate form for this? I find this sort of thing quite interesting; and yeah, it doesn't seem like the sort of thing NANOG is for, but most of the small ISP forms (like webhostingtalk

Re: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

2008-12-15 Thread Gadi Evron
On Sun, 14 Dec 2008, Christopher Morrow wrote: On Sun, Dec 14, 2008 at 8:44 PM, Gadi Evron wrote: On Sun, 14 Dec 2008, Rich Kulawiec wrote: On Sat, Dec 13, 2008 at 05:51:13PM +0900, Randy Bush wrote: but you need to be much more specific about what you want from medium and smaller isps, and

Re: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

2008-12-14 Thread Christopher Morrow
On Sun, Dec 14, 2008 at 8:44 PM, Gadi Evron wrote: > On Sun, 14 Dec 2008, Rich Kulawiec wrote: >> >> On Sat, Dec 13, 2008 at 05:51:13PM +0900, Randy Bush wrote: >>> >>> but you need to be much more specific about what you want from >>> medium and smaller isps, and what the immediate payoffs (cf. t

Re: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

2008-12-14 Thread Gadi Evron
On Sun, 14 Dec 2008, Rich Kulawiec wrote: On Sat, Dec 13, 2008 at 05:51:13PM +0900, Randy Bush wrote: but you need to be much more specific about what you want from medium and smaller isps, and what the immediate payoffs (cf. the financial sections of the newspaper) will be to them to justify the

Re: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

2008-12-14 Thread JF Mezei
Quick comment on e-commerce. Consider that in many/most cases, the merchant will want to capture the customer's address which is sent along with credit card information for authorization. Once the merchant has received an authorization, he is pretty much guaranteed to get paid by the credit card com

Re: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

2008-12-14 Thread Randy Bush
On 08.12.15 05:08, Rich Kulawiec wrote: On Sat, Dec 13, 2008 at 05:51:13PM +0900, Randy Bush wrote: but you need to be much more specific about what you want from medium and smaller isps, and what the immediate payoffs (cf. the financial sections of the newspaper) will be to them to justify the co

Re: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

2008-12-14 Thread Murtaza
Wow!! that's an eye opener.. On Mon, Dec 15, 2008 at 1:08 AM, Rich Kulawiec wrote: > On Sat, Dec 13, 2008 at 05:51:13PM +0900, Randy Bush wrote: > > but you need to be much more specific about what you want from > > medium and smaller isps, and what the immediate payoffs (cf. the > > financial se

Re: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

2008-12-14 Thread Rich Kulawiec
On Sat, Dec 13, 2008 at 05:51:13PM +0900, Randy Bush wrote: > but you need to be much more specific about what you want from > medium and smaller isps, and what the immediate payoffs (cf. the > financial sections of the newspaper) will be to them to justify the costs. Inferior people look solely

Re: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

2008-12-13 Thread Randy Bush
The point I am trying to make here is that ISPs should be much more engaged in this entire process. most of the larger isps have reasonable security teams with some good folk. but you need to be much more specific about what you want from medium and smaller isps, and what the immediate payoffs (

Re: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

2008-12-13 Thread Randy Bush
If folks think that people are not "doing" massive correlation of criminal activity on the Internet, they would be mistaken. engineers judge by the results. and, unfortunately, we can read them in the ny times. though some recent papers sure make interesting reading. just picking on one pa

Re: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

2008-12-13 Thread Paul Ferguson
Not in the habit of responding to my e-mail, but... On Sat, Dec 13, 2008 at 12:29 AM, Paul Ferguson wrote: > > On Sat, Dec 13, 2008 at 12:22 AM, James Hess wrote: > >> >> An in-depth strategy with hundreds or thousands of factors examined >> resul

Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

2008-12-13 Thread Paul Ferguson
On Sat, Dec 13, 2008 at 12:22 AM, James Hess wrote: > > An in-depth strategy with hundreds or thousands of factors examined > results in a smaller > (but still present) possibility of the filter/detector being fooled. > > IP-based methods can be com