North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Fwd: cnn.com - Homeland Security seeks cyber counterattack system(Einstein 3.0)
On Tue, 7 Oct 2008, Steven M. Bellovin wrote:
On Tue, 7 Oct 2008 14:07:04 -0400 (EDT) Sean Donelan <sean@xxxxxxxxxxx> wrote:
More seriously though, you are far more likely to be in charge of certifying products for acquisition, and run after the different offices, agencies and organizations for cooperation. So a first step would be to try and make yourself useful to them, and develop personal relationships with those who do want to work with you, in order to start facilitating information sharing and incident response.
I'd also try and get as many logs, flows, etc. I can get and build a main monitoring system.
Being in "charge" is simply not possible or practical.
Following the networks is indeed the first step.