Tag: Make it Happen

This week, we saw an indication of what could be massive disruptions on the Internet. Way back in 2002, I pointed out our continued vulnerability to prefix injection attacks – from intentional and unintentional insertions (see NANOG BGP Security Update). This weekend, we had the Pakistan Telecom Authority (PTA) order their ISPs to block access Read More

IBM’s 2007 Survey of SP’s “The State of Security in Carrier Service Delivery” is out and making the rounds of the security trade journals. While surveys like these are obvious marketing tools (i.e. buy IBM’s security consulting services and products), the results are useful data points. “… 87 percent of the curvey participants indicated that Read More

Are we about to turn the corner in our battle with cybercrime? Is our threat vector about to make a dramatic change of direction? Is the really light at the end of the tunnel? A year ago, the available data would have me believe that the problem will never get better. The month all has Read More

The Security Trap of all in the profession ….. If you do your security job well … you management ask “What are you doing and why am I spending all the money on security?” If you do not do your security job well …. management ask ” Why didn’t you do something to keep this Read More

Security pundits and professionals love to extol the badness of how botnets can be used to perpetrate crime. They unhesitatingly point out how operators allow these botnets to exist unintended, taking up resources, bandwidth, server time, and contagion. For the computers infected with the bots, no sympathy. They are core to the evil of the Read More

People ask me how do I get started with safe guarding my Service Provider (SP) network. The place I point, is a tutorial we’ve created with NSP-SEC. This tutorial goes through simple things that helps a engineer in a SP gets their feet wet. Check out the latest version presented at NANOG here: ISP Security Read More