On Wed, 24 Oct 2007 17:32:04 BST, worried security said: > The DHS need to ban ISP's from talking about infrastructure security in > public places. it should be classified information don't you all think? Please note a few things: 1) The level of detail actually discussed on NANOG comes nowhere *close* to giving "the bad guys" anything *useful*. 2) Somebody at GMU already did a grad-school thesis about this subject, at a level of detail that *was* worrysome for many. The fact that with that amount of hints, you should be able to Google up the student's name and the date of the thesis, should tell you something about barn doors. 3) If in fact you classified the information, then you'd hit a *very* big snag - you then need to treat it as classified information, with all the attendant details. Background checks for all of your NOC staff *over and above* what you already do, you can't give the information to your customers, and so on. Though it *does* keep the phone from ringing off the hook if you can't tell your customers your NOC phone number because it's classified....
Attachment:
pgpNd2S7GsGfG.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/