Home page logo

nanog logo nanog mailing list archives

Re: Homeland Security Alert System
From: "Johannes Ullrich" <jullrich () euclidian com>
Date: Sat, 22 Feb 2003 20:51:00 -0500

ISPs and other communication providers should be prepared to share
information directly and quickly with each other.  If you wait to hear
from government officials to decide what sanitized information to share,
it will be hours later.  If ever.

If anybody is interested here, I did put together a small group to
experiment with a simple system to exchange and distribute PGP
signed messages quickly.

The basic 'working' of the system is contained within a yet to
be written perl script that will poll a couple of 'master' 
servers for updated messages, validate the signatures and post
the messages to a particular URL. Any server pulling these messages
can become a master for other servers, which makes this kind of
a 'P2P network' among web servers. Gateway to usernet/email/pagers/
instant messengers would be possible. New pgp keys would be distributed
as signed control messages within the system. Each PGP key has a 
certain number of 'points' assigned, and a message becomes 'valid'
as soon as it has enough signatures to make it past a threshold.

Anyway. Depending on how the water in my basement develops, I may
actually get a first alpha of this out later this weekend. (if not
next weekend). At that point, some testers / coders would be welcome
to work on things like gateways and such.

The overall goal: Make this system fast enough to reach 'everyone'
within an hour. Of course, the system will not work once the
internet is down, but its P2P like structure should provide for 
some anti-DDOS robustness.

jullrich () euclidian com             Collaborative Intrusion Detection
                                         join http://www.dshield.org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]