Security incidents are a daily event for Internet Service Providers. Attacks on an ISP's customers, attacks from an ISP's customer, worms, BOTNETs, and attacks on the ISP's infrastructure are now one of many "security" NOC tickets through out the day. This increase in the volume and intensity of attacks has forced ISP's to spend constrained resources to mitigate the effects of these attacks on their operations and services. This investment has helped minimize the effects of the attacks, but it has not helped stop them at the source. Stopping attacks at their source requires rapid and effective inter-ISP cooperation. Hence, these ISP Security BOFs are also used as a face-to-face sync up meeting for the NSP-SEC forum (see https://puck.nether.net/mailman/listinfo/nsp-security.)

The general theme for this BOF is the "Worms of August." We will select a set of ISP Security Engineers to present a 5-to-10-minute description of their networks, anti-worm security tools, policies, how they mitigated the worms, and what they are doing to prepare for the next worm.

If you are a Security Engineer and wish to participate in this BOF, please send an e-mail to kaeo@merike.com or bgreene@cisco.com with Subject: ISP Security BOF IV.

Barry's PDF presentation
Sean's PDF presentation
Team Cymru's PDF presentation