Brendan Murray wrote:
>
>
> If you think there would be some value in this, please email me.
>
> You can find information about the nsp-security mailing list at
> https://puck.nether.net/mailman/listinfo/nsp-security)
>
>
I believe such a closed security mailing list would have a great deal of value, not only to Universities and ISP's within New Zealand (re: aka Russell Fulton) but also to Critical Infrastructure Providers, financial services too.     With a great number of sources from Phishing, Pharming attacks being reported with USA and EMEA from APAC, this could also provide an early warning system and possibly assist in shutting down such activity via the participating ISP's.

However, in terms of running a script through various snort databases, the issue of privacy looms and authorisation, a better answer might be to use the New Zealand nominated CERT for such operations i.e. Centre for Critical Infrastructure Protection (CCIP) locally as a central collection point etc..  To ensure anonymity etc.

It would also be good to add ISC (sans.org) logs to the collective..

With compliance issues only around the corner, New Zealand is relatively unscathed by regulatory/legislation within USA, EMEA, Australia, which statistically looks like it will take a hold within the next 1-2 years.   Such a group may provide guidance to organisations, not prepared for the ongoing associated issues of compliance.


John Martin
Security Practice Leader
IBM NZ