[LACNIC/Seguridad] RES: Security Assessment of TCP at the IETF

Wladimir Gonçalves Jr. wgoncalves en panamericano.com.br
Mar Jun 30 13:58:09 BRT 2009


Dear Max,  

  

we have been facing problems regarding several attempts sweeping ports of our firewalls. In a recent case we obtained reports that they were treated of ips of provider LOCAWEB, here in Brazil. Now, I ask; how can a name provider give up ips to hackers? Which control does exist so that they avoid such supplies?  

 

In Brazil no there is still a law so that they force supplying us IP allocated by the provider when of an attack. The slowness in the treatment and search for information of the origin of the attack is dependent of an excessive bureaucracy, the one that finishes motivating the attacks, because we gave up.   

 

For norms, we protected ourselves with ISO/IEC 27001, 18044, etc... but it is not enough if no there is a government law that it helps to minimize attacks hackers.  

is my protest, in the hope of until you of this immense list to help us.

 

Wladimir

Security Officer

PanAmericano

 

 

De: seguridad-bounces en lacnic.net [mailto:seguridad-bounces en lacnic.net] Em nome de Max Lazaro Taico
Enviada em: Saturday, June 27, 2009 6:29 PM WLAD
Para: Lista para discusión de seguridad en redes y sistemas informaticos de la región; seguridad en lacnic.net
Assunto: Re: [LACNIC/Seguridad] Security Assessment of TCP at the IETF

 

Estimados Amigos,

 

Podrian comentar como vienen en cada pais afrontando el tema de los delitos informaticos, hacks a bancos, ingreso a base de datos de entidades publicas, etc. (el cual podria incluir procedimientos operativos y temas de regulaciones normativas entre otros)

 

Gracias,

 

Max,

 

________________________________

De: seguridad-bounces en lacnic.net en nombre de Fernando Gont
Enviado el: sáb 27/06/2009 15:35
Para: seguridad en lacnic.net
Asunto: [LACNIC/Seguridad] Security Assessment of TCP at the IETF

Estimados,

El tcpm wg de la IETF esta decidiendo en este momento que hacer con el
documento draft-gont-tcp-security, que es una version para la IETF del
documento sobre seguridad en TCP que el UK CPNI publico a principios de
este año.

Estaría interesanet que quienes puedan/deseen emitan su opinion en la
lista de correo relevante. A continuación les envio (en ingles) una
explicación un poco mas detallada, junto con los enlaces correspondientes:

In February this year the UK CPNI published the document "Security
Assessment of the Transmission Control Protocol (TCP)" (available at:
http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf)

Earlier this year we published an IETF Internet-Draft version of this
document (available at:
http://www.gont.com.ar/drafts/tcp-security/draft-gont-tcp-security-00.txt)
in the hope of having the IETF further work on the TCP security paper UK
CPNI had published.

My personal take (possibly biased, since I am the document author)
is that this document has been the result of a lot of work (including
the work of the many peple that reviewed the CPNI version of the
document), and that the IETF should take this chance to work and publish
something on the subject.

The chairs of the TCPM Working Group of the IETF are currently polling
the WG for input about this document. It would be great if you could
voice your opinion about whether the TCPM should take this document on,
and also whether you would be willing to review this document. (Bellow
you'll find a copy of the TCPM chairs' poll)

Please send your comments to tcpm en ietf.org (and please CC me).

Thanks!

Kind regards,
Fernando




--------- Original Message --------
Subject: [tcpm] poll for adopting draft-gont-tcp-security
Date: Wed, 24 Jun 2009 14:25:04 -0500
From: Eddy, Wesley M. (GRC-MS00)[Verizon] <wesley.m.eddy en nasa.gov>
To: tcpm Extensions WG <tcpm en ietf.org>

TCPMers, there was a thread a while ago about working on
draft-gont-tcp-security in this working group that didn't
conclusively give us a feeling one way or other:
http://www.ietf.org/mail-archive/web/tcpm/current/msg04489.html

Basically, my understanding is that there are at least a
handful of people in the WG that think it should be done
here as a WG item (more likely for Informational rather
than BCP), and there are also some expressed opinions on
why it shouldn't.

Given the raw size of the document, if the WG intends to
take this document on, then we need some people to clearly
commit to putting cycles into review and contributions to
the document.  Since it is quite large, and to my knowledge,
there hasn't been a specific technical review of the content
on this list, but just discussions about if the idea in
general is a good or bad thing, we still need to know if
people are willing to invest their time and energy in this.

Please let us know if there is traction for this in the
near term, and/or we can also discuss it in Stockholm.

----------------------------
Wes Eddy
Network & Systems Architect
Verizon FNS / NASA GRC
Office: (216) 433-6682
----------------------------

_______________________________________________
tcpm mailing list
tcpm en ietf.org
https://www.ietf.org/mailman/listinfo/tcpm


--
Fernando Gont
e-mail: fernando en gont.com.ar || fgont en acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1





_______________________________________________
Seguridad mailing list
Seguridad en lacnic.net
https://mail.lacnic.net/mailman/listinfo/seguridad

------------ próxima parte ------------
Se ha borrado un adjunto en formato HTML...
URL: <https://mail.lacnic.net/pipermail/seguridad/attachments/20090630/6a6ef186/attachment.html>


Más información sobre la lista de distribución Seguridad