Testimony of Richard Pethia; Director, CERT Centers before a US S enate committee
This is the second posting I have made to this list of information related to security issues affecting the Internet. The information is sourced from a email list of the GOVIS information security forum which is convened by Mike Pearson of the Ministry of Fisheries. Unless there is objection that the information is off-topic or inappropriate I shall continue to make such postings when it seems to me that the information is of potential interest to members of the nznog. Happy to receive comments direct if people prefer not to clog the list with feedback. Full report at: http://www.cert.org/congressional_testimony/Pethia_testimony_Mar28-2000.html <extract> The recently publicized rash of attacks on Internet e-commerce sites reminds us once again of the fragility of many sites on the Internet and of our ongoing need to improve our ability to assure the integrity, confidentiality, and availability of our data and systems operations. While it is important to react to crisis situations when they occur, it is just as important to recognize that cyber defense is a long-term problem. The Internet and other forms of communication systems will continue to grow and interconnect. More and more people and organizations will conduct business and become otherwise dependent on these networks. More and more of these organizations and individuals will lack the detailed technical knowledge and skill that is required to effectively protect systems today. More and more attackers will look for ways to take advantage of the assets of others or to cause disruption and damage for personal or political gain. The network and computer technology will evolve and the attack technology will evolve along with it. Many information assurance solutions that work today will not work tomorrow. </extract> Frank March Specialist Advisor, IT Policy Group Ministry of Economic Development, PO Box 1473, Wellington, NZ Ph: (+64 4) 474 2908; Fax: (+64 4) 471 2658 --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
Hello Frank; On Tue, 4 Apr 2000, Frank March wrote:
The recently publicized rash of attacks on Internet e-commerce sites reminds us once again of the fragility of many sites on the Internet and of our ongoing need to improve our ability to assure the integrity, confidentiality, and availability of our data and systems operations.
While I think the motives are laudable, I think you are preaching to the converted on the NZNOG list - I would assume that audience would be somewhat familiar with CERT. -- Josh Bailey (joshbailey(a)lucent.com) "Josh is... at large" -- F.W. --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
Hello Frank;
On Tue, 4 Apr 2000, Frank March wrote:
The recently publicized rash of attacks on Internet e-commerce sites reminds us once again of the fragility of many sites on the Internet and of our ongoing need to improve our ability to assure the integrity, confidentiality, and availability of our data and systems operations.
While I think the motives are laudable, I think you are preaching to the converted on the NZNOG list - I would assume that audience would be somewhat familiar with CERT.
And furthermore, I would add that the best thing GOVIS could do right now is try to ensure that Government operated mail servers were configured as closed relays. Last stats I saw indicated that, as a percentage of total servers in that domain, there were a far higher number of open relay .govt.nz mail servers than .co.nz ones. -- Andrew P. Gardner Never underestimate the power of stupid people in large groups. --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
participants (3)
-
Andy Gardner -
Frank March -
Josh Bailey