Does anyone have an opinion on a decent ISP out there that’s proven to work with the customer during a DDOS storm?
Rick Cheung
UUnet, excellent responsive abuse team IMHO.
jm
UUNet, by far is the best. I've had mixed results with Sprint. A couple
of years ago I had to deal with Hurricane Electric and the tech was really good about
it - he added in the ACL I needed right over the phone.
Also, I know of a couple providers in the upper midwest that are pretty
good at working with DOS stuff. Email me off list if you are
interested.
-Eric
Too bad they don't seem to have a spam abuse department anymore. I've
been complaining about a continuing flood of spam from "jumpjive.com"
(another lying "you-opted-in-to-receive-our-crap" outfit) with nothing but
auto-ignores to show for it.
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
Patrick Greenwell
Asking the wrong questions is the leading cause of wrong answers
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
According to a recent salary survey telephone companies have some
of the lowest paid information security professionals in comparison
with other technology corporations, federal government, or financial
companies. When the US Transportation Security Administration (aka,
the agency in charge of airport screeners) is paying their computer
security people more than telephone companies, it's hard for phone
companies to attract top security talent.
Customers need to let companies know that security and responsiveness
affects their purchasing decisions. I think some companies are getting
the message. But in today's market, with tight budgets and layoffs,
security is often viewed as overhead. A lot of providers are lucky
if they have one network engineer who does security stuff in her spare
time. Full-fledged security departments are rare.
:Customers need to let companies know that security and responsiveness
:affects their purchasing decisions. I think some companies are getting
:the message. But in today's market, with tight budgets and layoffs,
:security is often viewed as overhead.
The mantra at the consulting firms I have had conversations with is
showing ROI for security services. I think that much of the value
in security services to date has been in the anti-virus field. The
reason for this is that one can easily measure and express the costs
saved by being immune to a particular virus or worm, which might have
cost a day or more of business. Contrasted with the number of new
virus reports affecting M$ products on a daily basis, the value is
pretty easy to see.
It can be difficult to show the returned value of auditing acl's, or
implementing an IDS infrastructure, despite the profound importance
of doing so.
Nimda and CodeRed were excellent indicators of how a good
security policy can be a competitive edge during (increasingly common)
global incidents. Hopefully we will see more security folks pressing
this message, and more decision makers hearing it.
:A lot of providers are lucky
:if they have one network engineer who does security stuff in her spare
:time. Full-fledged security departments are rare.
This is where managed security services are gaining popularity. Regardless
of the technical merits of assembling some COTS solutions and generating
periodic reports, it can be more cost effective than hiring CCSP/GIAC/CISSP's
at $60-90k USD a pop, while still operating with some reasonable level
of assurance that your infrastructure is being monitored.
Date: Tue, 26 Mar 2002 12:56:39 -0500 (EST)
From: batz <batsy@vapour.net>
(snip)
Nimda and CodeRed were excellent indicators of how a good
security policy can be a competitive edge during (increasingly common)
global incidents. Hopefully we will see more security folks pressing
this message, and more decision makers hearing it.
Sun Tzu and Lao Tze in the 3967/3561 thread...
...anyone else read Deming or other TQM proponents? Visible
numbers only syndrome is the problem with many people's attitudes
toward security...
I could name a local (Wichita) company that for the longest time
was running IIS4 + SP5, vulnerable to the iishack buffer overrun.
They stored their websites and company files on said machine.
The goons^H^H^H^H^Hconsultants who set it up gave a big "it's
secure because it's NT -- look, it asks for passwords" spiel that
management bought.
Even after one of their employees _demonstrated_ how an arbitrary
person could break in. Response? "We're not that big... nobody
would be that interested in us." Warnings about random scans
fell on deaf ears.
Service patches were never applied. When some suspicious
happenings left said server inoperable, they just installed
Win2000 and went on, not caring what had happened or why.
No, I was not the employee. A friend of mine worked there before
getting fed up and quitting.
"If it works, it must be right," versus, "It doesn't truly work
unless it's right." I find it amusing how the same people
who keep things under tight physical lock and key are so lax and
apathetic about electronic security.
As Deming said, "People who buy on price alone deserve to get
rooked."
Eddy
Brotsman & Dreger, Inc. - EverQuick Internet Division
Phone: +1 (316) 794-8922 Wichita/(Inter)national
Phone: +1 (785) 865-5885 Lawrence