North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Inter-ISP/Telco/X.25 security procedures?
On Mon, 16 Sep 2002, Mark Kent wrote: > > >> Please see Clifford Stoll's book The Cuckoo's Egg for a description > >> of tracking an intruder across various PSTN, PSDN and Internet providers. > >> I haven't seen a better description of the process. > > And there were, what?, three US ISPs back then? > > And when Stanford was getting hacked, where was BBN... > Answer: right on the Stanford campus, in Stanford buildings! > > We don't have the same Internet architecture as we had > during The Cuckoo's Egg era. Funny thing is there seem to be about the same number if internet security folks working at the isp's now as at the time of the book's writing :) Most times our procedures fail back to: 1) do a whois on the domain name if the ISP in question 2) call the noc number listed 3) try to work your way around to a security-type person 4) end up emailing logs of the incident to noc@ 5) wait and hope they respond quickly with something helpful :) Depending on the carrier things can be good, or very bad.