Brendan Murray wrote:
If you think there would be some value in this, please email me.
You can find information about the nsp-security mailing list at https://puck.nether.net/mailman/listinfo/nsp-security)
There would be two of us at UoA who would be candidates for such a list. I never joined the original list since we are not a big player by international standards but if someone sets up an NZ branch we would be happy to participate. Both of us security techs here have close contacts with various international security organisations and would be happy to lend our expertise to a NZ based operation. I operate an extensive monitoring operation on our gateway and would be interested in automatically notifying NZ ISPs of alerts that originate from their addresses. Hmmm... It occurs to me that setting up a NZ clearing house for such information (a sort of mini ISC) might be worthwhile if we can get enough people together to contribute alerts. I know there are several sites running snort in NZ so how about if I wrote a script to go through the database and pull all alerts for NZ (excluding those from the host site ;) and loaded them into a database which was available to list subscribers thjropugh one of the standard snort web interfaces ? Such a facility would have two uses, it would alert those ISPs who take AUP violations seriously to problems and allow them to be proactive in dealing with them and it might also shame those who don't deal with such matters in a timely manner to raise their act since the results are visible to others in the industry. Note that the data belongs to those who collect it and I don't see any legal issues with making such information available withing a closed community with strict membership guidelines. But as you know IANAL and we would need to run this past legal folk before doing any work on such a project. Note, at that stage this is not a firm offer, I'm just flying a kite to see who will come to the party or try and shoot it down :) Russell