NSP Security List

Hello Everyone,

Thanks to Jared's sponsorship, we are creating a nsp-* mailing list for the
NSP Security Operations community. We will use the nsp-security for NSP
security coordination and consultation. We expect most of the consultation
to be on procedures, polices, tools, mitigation techniques, and other
proactive activities. We will also try to use the list as an incident
response alias - tracking and mitigating attacks in progress.

Membership to the alias will be restricted to those actively mitigating of
NSP Security incidents. Therefore, it will be limited to operators,
vendors, researchers, and FIRST team and other people in the NSP operations
community working to stop attacks. That means no press and (hopefully) none
of the "bad guys." We will use a simple trust/peering relationship used on
some of the other aliases. This model is not as "secure" as an encrypted
conversation, but better than a wide-open public dialog. We will establish
the trust by asking members of the list to vouch for new subscriber
requests. If the list administrators know the person, then they can vouch
for them.

Yes, we have had similar "security" lists in the past. With nsp-security we
will connection the E-mail dialog with face-to-face meetings in the
operations conferences. The first "meeting" is the ISP Security BOF at the
next NANOG. Like NANOG's Peering BOF, the ISP Security BOF is a
facilitation tool ... bring together people living with the daily pain of
ISP Security incidents. So the hope is the combination of face-to-face and
private E-mail list will help use take forward steps.

So apply for subscription, send a note to:

  nsp-security-request@puck.nether.net

with the word "subscribe" in the subject or body of the message.
Alternatively, you can use the web page at:

  http://puck.nether.net/mailman/listinfo/nsp-security

Barry

PS - Looking for a couple more volunteers to help as administrators.