On Dec 11, 4:44pm, Simon Poole wrote:
Subject: Re: DANTE CERT Service ...
Why would anybody fund a competitor to provide this service?
Sorry, but the only way to go is via a trusted, neutral organisation (Ripe, perhaps Terena). -IF- European level coordination is needed in the first place, of which I remain unconvinced.
Somehow it appears to me that all this discussion comes up because of DANTE's difficult role of being financed mostly by academic network organizations (="neutral"?) however DANTE being a competitive service provider.

My impression is that the role of providing neutral ground for organizations like CERTs should/can be taken over by federations like EurOpen for Europe and the respective national groups like EurOpen.SE (Sweden), GUUG (Germany), NLUUG (The Netherlands) & UKUUG (United Kingdom) and the others.

More info about EurOpen and the others can be found e.g. at http://iaix3.informatik.htw-dresden.de/unix_europen.html

Regards,
Claus Kalle
Board member of the German Unix Users Group

--
Claus Kalle, University of Cologne Regional Computing Center
Systems and Networking Dept.
E-Mail: Kalle@rrz.Uni-Koeln.DE
Phone: +49 221 478 5580
Fax: +49 221 478 5590
Snail-Mail: Robert-Koch-Str. 10, 50931 Koeln, Germany
Claus Kalle <Kalle@rrz.uni-koeln.de>:
My impression is that the role of providing neutral ground for organizations like CERTs should/can be taken over by federations like EurOpen for Europe and the respective national groups like EurOpen.SE (Sweden), GUUG (Germany), NLUUG (The Netherlands) & UKUUG (United Kingdom) and the others.
Would that really be a good idea? Those organisations are to my knowledge purely Unix oriented. Would they be very interested in pursuing security problems with VAX/VMS, MS Windows and MacOS?

No, it has to be an independent organisation. Actually, it shouldn't even be related to networking, but to *computing*!

Best regards,
/Liman

#-------------------------------------------------------------------------
# Lars-Johan Liman                       ! Internet: liman@sunet.se
# Ebone/NORDUnet/SUNET Operations Centre ! BITNET  : LIMAN@SEARN
# Royal Institute of Technology, Sweden  ! HTTP    : //www.sunet.se/~liman/
#                                        ! Voice   : Int +46 8 - 790 65 60
#-------------------------------------------------------------------------
My impression is that the role of providing neutral ground for organizations like CERTs should/can be taken over by federations like EurOpen for Europe and the respective national groups like EurOpen.SE (Sweden), GUUG (Germany), NLUUG (The Netherlands) & UKUUG (United Kingdom) and the others.

Would that really be a good idea? Those organisations are to my knowledge purely Unix oriented.

They were. But times have changed and lots of organisations that have or refer to "Unix" in their name are now no longer focused only on that operating system.

Would they be very interested in pursuing security problems with VAX/VMS, MS Windows and MacOS?

I'd suggest you visit one of the conferences of the mentioned organisations. Then you'll see that they cover a broad range of issues outside those related to Unix alone.

No, it has to be an independent organisation.

Yes, it has to be an independent organisation.

Actually, it shouldn't even be related to networking, but to *computing*!

Computing by itself doesn't bring much risk. Computing with broken or "contaminated" software brings risks. Even more so does networking, since it's the ideal "carrier" for all risks related to computers in general. So the organisation really should be closely related to networking, or in close contact with an organisation related to networking.

Piet
They were. But times have changed and lots of organisations that have or refer to "Unix" in their name are now no longer focused only on that operating system.
OK. (Proves that I haven't been doing my homework. ;-)
I'd suggest you visit one of the conferences of the mentioned organisations. Then you'll see that they cover a broad range of issues outside those related to Unix alone.
I would, if there was time and money ...
Computing by itself doesn't bring much risk. Computing with broken or "contaminated" software brings risks. Even more so does networking, since it's the ideal "carrier" for all risks related to computers in general. So the organisation really should be closely related to networking, or in close contact with an organisation related to networking.
Definitely, but we mustn't forget the thousands of stand-alone PC:s that only have foot-net. Diskettes are just as bad. We must also bear in mind the large non-connected multi-user systems, where local cracking can be just as painful as network cracking (although it's less common these days - agreed).

Best regards,
/Liman
Some people might doubt that EurOpen can manage to forget its historical links to EUNet.

I've changed my mind after a while:

- DANTE can do anything it wants to. If SURFnet and DFN want it to take care of some security issues for them, FINE.
- The Concert-in-E proposal should be pursued, but the result might be more of a consultation forum (FIRST-Europe?) rather than an operational service (CERT-Europe).
- I'll recommend that the UNINETT CERT establishes cross trust with both the DFN-CERT, the SURFnet-CERT, the DANTE CERT and any Euro-CERT that is established by other parties. Any of them may get money if we see perceived value to their services.

Not very constructive, am I?

Harald A
Dear colleagues,

In the DANTE CERT discussion I've seen a point being made about a possible FIRST Europe which I feel a need to clarify, thereby amplifying Wilfried's reaction to the subject:

Harald wrote:
... - The Concert-in-E proposal should be pursued, but the result might be more of a consultation forum (FIRST-Europe?) rather than an operational service (CERT-Europe). ...
We - meaning European CERT folks, in growing numbers - have been debating this issue since mid 1993, and the outcome invariably was the following:

We do NOT need a European version of FIRST.

Why? Simple. FIRST is the worldwide CLUB of CERT's. No less, no more. They do administrative work, gather information on the teams, provide for an annual meeting, stimulate coordination between teams and that's about it. What for earth sake would we need a European version of the FIRST I just described for?

FIRST is NOT involved in real-time incident handling, that is solely done by the member teams of FIRST. And the de facto nucleus of THAT activity, incident handling, is CERT/CC. Now it has become clear of late that CERT/CC can nor will assume that role for Europe indefinitely. That leaves two options. Either all of European CERT's - a rapidly growing number! - start interacting with each other and the rest of the world on the basis of many many bilateral relationships; or we create a European parallel to CERT/CC to solve that problem. Most of us - in my understanding - agreed we need the latter, and that is what EuroCERT, NICE, Concert-in-E and DANTE CERT were and are all about.

There are differences of opinion though on mainly two items. One is timescale: do we need this NOW, or only somewhere in 1996? And the other is how to get there: who will organize it, who will pay for it and who will be doing the job. The DANTE CERT discussion falls into this category.

Kind regards,
Don Stikvoort
CERT-NL

PS: The recent meeting of European CERT's in Hamburg was, like its predecessor in Amsterdam the year before, NOT a European imitation of FIRST, but an ADDITION to what FIRST is doing. Travel costs to the USA is one reason for doing this. The other that there are a lot of networks preparing CERT activities in Europe who like to know about their neighbours and about FIRST. We specifically use the name FSIG-Europe for this contact group - FIRST Special Interest Group Europe - though I must add that this name has no official FIRST rubber stamp (yet).
participants (5)
- Claus Kalle
- Don Stikvoort
- Harald.T.Alvestrand@uninett.no
- Lars-Johan Liman
- Piet Beertema