There seems to be a few things going on in this list of late including discussions on: * Internet Surveillance * Metting of admins without the pointy haired * NZ admins contact list Internet Surveillance: Joe Abley tried to stir things up by posting thse as reasons why no responses so far:
+ ISPs don't care about this issue at all
+ ISPs are too busy with real work to worry about it right now yes But I am sure if it is important enough people will give it their attention. Otherwise we stand to lose control over this.
+ ISPs have no confidence that anything ISOCNZ can say or do on the subject will ever come to anything anyway I am not sure what ISOCNZ can do on this topic. I think they may be able to get ISPs together to talk about it and perhaps arrange a meeting with the decision makers on the Govt end to discuss the issue.
In this I can see that while most of us think it is a good idea, there are other issues to be considered including * What this involves (in terms of cost of labour and technology, ability etc) * process There's also other issues that are not so cut and dried and that probably includes legal and privacy issues as well as whether each of us stand in this issue in terms of rights, freedom etc. (No I don't want to tread on this) Does anyone feel the need to meet with DIA (and whoever else in the govt) who know the technicalities of this to discuss the issue? Does anyone feel the need to discuss with people overseas who have worked in the field of tracking down hackers and taking them to jail? I've half mentioned this to someone in the US. IF there's a demand I can pursue this further. Where do people stand on each issue? For example I think it is one thing to track something the police have a warrent for than to act on their suspicions. I also don't believe in scanning emails for particular text strings to perhaps highlight possible problems (and I know this isn't effective especially with people being able to use pgp etc) What if someone is using encrypted or securirty like ssh/ssl/pgp/ and whatever other encryption there is. Where do you stand on port scanning? For example some say there's nothing wrong with portscanning - it is what they do with the information after they scan. Others say if they port scan they must be guilty or told off. Do all IRC servers have to log their traffic? It is not unknown for people to work in groups. We often face this on Undernet. So some script kiddie is pissed off. He tells his mates in their channel and before you can blink you get attacks from all over the place. I am not active on this frontline but can introduce you to the ones that are. At what cost are you going to do this? Can network admins be protected and remain anonymous? Or will they be named? Yes there's a cost. While in most cases the problem is found and sorted out. However if you get a bad lot or a particularly big team, the cost could be huge. One may say "I'll do anything". However can you bear the cost if it breaks up your marriage or drives your business to the ground? Sounds a bit extreme? Yes. Have either happened? Yes to both. Meeting - Yes please NZ Admins contact list People have been talking about it. Some have made a start. An email arrived on Friday with the code for the US netops list. (URL of that list is http://puck.nether.net/netops/ ) So if we want something like this in NZ, I can spend some time trying to get it going etc. (and if I can't I have offers of help for this) So please raise hands if you want it. regards lin --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog