New list: ddos-fighter

Hi all,

We would like to announce a new mailing-list:

  ddos-fighter@securite.org

This list has been created to enable owners and users of DDoS
detection and mitigation devices (*) at ISPs/NSPs to discuss
architecture and deployment, share tips, filtering templates,
experience and operational models, etc.

To subscribe send a mail specifying: who you are (ASN/company,
position/job desc., Internet security references - if any)
and which product(s) [detection and mitigation] you use AND
are willing to discuss/share experience on (no lurkers, no
marketing, no sales, etc) to:

  ddos-fighter-subscribe@securite.org

We may ask you to "prove" that you actually own and operate
such devices.

If you have any question or feedback: nico@securite.org

This list is not for real-time DDoS mitigation and inter-SP
coordination, for this please see nsp-sec:
http://puck.nether.net/mailman/listinfo/nsp-security

Most of the nsp-sec charter applies to this list too. Also,
note that the list is currently not "public" (as opposed to
cisco-nsp or juniper-nsp for example).

(*) Arbor Peakflow, Cisco(/Riverhead) Guard, Mazu Profiler/
     Enforcer, TopLayer IPS, Captus IPS, TippingPoint Unity, etc.
     Things like ACLs and blackholing don't count

Nico.

Hmm... so it's impossible for a site looking at various vendors to lurk and get
a feel for which one is a 'best fit' for their needs without first buying one.
Also, it's not obvious whether things like "How to get that Packeteer you
bought to control file sharers to do other useful stuff too..." are in-bounds.
Similarly for any *other* traffic shaping technology that doesn't happen to be
one of the named vendors.

So given that people will *already* presumably have bought one of the
"approved" devices, and said devices already probably have their own
foobox-users group list someplace, what will said list really accomplish
besides "My foobox is bigger than your foobox" discussions?