Re: [Full-disclosure] Project Chroma: A color code for the state of cyber security
- To: "Luke Scharf" <luke.scharf@xxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Project Chroma: A color code for the state of cyber security
- From: "Chris Jeane" <rysheve@xxxxxxxxx>
- Date: Thu, 4 Dec 2008 09:03:22 -0600
The Project Chroma Project website reads (I have highlighted the colors in
black so that they are readable):
*Green level: There is negligible threat to online security.
*Ok this one is pretty simple.*
Yellow level : There is a minimal level of threat, and this must be
monitored and contained.
*The SANS ISC says: "We are currently *tracking* a significant new threat.
The impact is either unknown or expected to be minor to the infrastructure.
However, local impact could be significant. Users are advised to take
immediate specific *action to contain* the impact."
You are giving an abbreviated version of something that already exists and
is accepted.
*Orange level: This level of threat indicates there are parties who are
actively engaging in cyber-warfare. Caution is required when online.
*Caution is *always* required when online. If you are in an area
(country/province/region) that is affected by cyber attacks you will have
limited/no access to the internet. If only your company/person is being
assaulted from cyberspace the attack would probably go unnoticed by this
monitoring system. If the attackers were committing a DDOS attack on several
specific non-infrastructure targets, your internet access may slow/go dark, but
is that really a threat to you? or one you can protect against?
*Red level: This level indicates a full blown cyber-war. It indicates
very high probability of all communications being intercepted.
*The use of the term 'full blown cyber-war' seems like an overarching scare
tactic. We have yet to see what cyber-warfare looks like. Estonia was a one
sided cyber ambush, not two entities engaging in war. The alerts should be
more generic and accompanied by an assessment of the actual *current* situation.
If something like 'Code Red' were to infect the internet again this alert
calling it cyber-war would be a misnomer.*
While homeland security's implementation does not seem to have a real
world merit, such a threat level would certainly be very useful in the
online security realm.
*Who is this useful to: Security professionals, end users, governmental
agencies? How and why as similar systems already exist?*
Please disseminate this announcement of the
project Chroma levels for online security. The immediate mission of
the project is to be picked up by the antivirus and security tools
vendors, so as to add the color codes to their products and provide
users with a tangible measure of their online security.
*Yellow is not a tangible measure of their online security. If perhaps an
Online Security/IPS package knew that a DDoS attack was coming for an
address segment of the internet and it requested that I block traffic from
those attackers until an all clear or *Green *
status was given.* *That is tangible and actionable.*
Current status: Threat level Yellow.*
Your current is higher than SANS ISC. Do you know something they don't?
On Wed, Dec 3, 2008 at 9:57 PM, Luke Scharf <luke.scharf@xxxxxxxxxxxxxx> wrote:
> Mike C wrote:
> >> If you really want to change state of security for the n00bs,
> >> spread the knowledge, not the colors.
> >>
> >>
> > That's what project Chroma is all about.. Are you on board?!
> >
>
> This already exists, backed up by some hard-core security competence:
> http://isc.sans.org/infocon.html
> http://isc.sans.org/
>
> Has it changed the world?
>
> -Luke
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>