RE: NIMDA Horror

["Barry Raveendran Greene" <bgreene at cisco.com>]

> > On this note, does any country in Africa have a CSIRT (Computer
> > Security Incident Response Team) that looks at IP/Internet security
> > issues at a national level?
>
> what would they do about it? The only reason this plague is so badly
> affecting people is because of uneducated admins and badly written
> software.

CERT/FIRST Teams would work to "educated" these uneducated admins. That is
where the key problem lies. The "badly written software" is a lame excuse
for not doing one's job. I've never seen any coding project successful
foresee all the ways it could be abused. Even project with the US Defense
Department where we dedicated attack teams audited the code, there were
still vulnerabilities found a year after the code was released.

> Maybe a CSIRT would be useful for other threats, but my suggestion would
> be to blackhole any nets infected with these things.

Not practical. Knee jerk blackhole reactions only lead to a group of
networks - no more Internet. You pick up the phone and offer to help that
infected network - even if they are the competition. The Internet was build
on the fundamentals of collaboration and cooperation. Loose that and you
loose the beauty of the Internet - what you get inside is ISPs with
Telco/PTT attitudes.

Barry


> Regards
>
> --Rob
>
>
> -----
> This is the afnog mailing list, managed by Majordomo 1.94.4
>
> To send a message to this list, e-mail afnog at afnog.org
> To send a request to majordomo, e-mail majordomo at afnog.org and put
> your request in the body of the message (i.e use "help" for help)
>
> This list is maintained by owner-afnog at afnog.org
>
>


-----
This is the afnog mailing list, managed by Majordomo 1.94.4

To send a message to this list, e-mail afnog at afnog.org
To send a request to majordomo, e-mail majordomo at afnog.org and put
your request in the body of the message (i.e use "help" for help)

This list is maintained by owner-afnog at afnog.org