RE: advise on network security report

["Mike Callahan" <mcallahan () bullseyetelecom net>]

> I beg to differ, wither I aggregate my announcements does not impact the 
> $50B charge identity theft puts on the US economy.

Perhaps a better start on impacting this would be for the credit card companies to pursue the people that abuse their 
cards/systems instead of just writing fraudulent purchases off as a loss and not pursuing them any further.  I been 
through it myself and I know for a fact that at least one major cc company operates in this way.   In this model 
there's nothing to discourage someone from using stolen numbers.  Just my $.02

~M

-----Original Message-----
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu]On Behalf Of
Rick Wesson
Sent: Tuesday, October 31, 2006 8:02 PM
To: Barry Greene (bgreene)
Cc: nanog () merit edu
Subject: Re: advise on network security report



Barry Greene (bgreene) wrote:
> Postings like this to NANOG will not have any impact. So if your goal is
> instigate action, posting is not going to work. The core data point is
> the weekly CIDR report. It only works if you have peers using the weekly
> list to apply peer pressure to the networks listed to act. 

I beg to differ, wither I aggregate my announcements does not impact the 
$50B charge identity theft puts on the US economy.

would it assist if I associated a dollar value for each bot hosted, we 
can estimate the number of credit cards stolen per bot and extrapolate 
in to something with some zeros on it.


> Sharing summaries to communities like dshield, NSP-SEC, DA, SANs and
> other security mitigation communities along with a subscription web page
> that would allow an organization to get enough details to take action.

nsp-sec players still won't let us in their sand-box... but we will 
share to the communities you have enumerated.


-rick