A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Extended Incident Handling Working Group of the IETF.
Title : Incident Handling: Real-time Inter-network Defense
Author(s) : K. Moriarty
Filename : draft-ietf-inch-rid-04.txt
Pages : 67
Date : 2005-9-20
Network security incidents, such as system compromises, worms,
viruses, phishing incidents, and denial of service (DoS), typically
result in the loss of service, data, and resources both human and
system. Network Providers (NPs) need to be equipped and ready to
assist in communicating and tracing security incidents with tools
and procedures in place before the occurrence of an attack. This
paper outlines a proactive inter-network communication method to
facilitate sharing incident handling data and integrate existing
tracing mechanisms across NP boundaries to identify the source(s)
of an attack. The various methods implemented to detect and trace
attacks must be coordinated on the NPs' network as well as provide
a communication mechanism across network borders. It is imperative
that NPs have quick communication methods defined to enable
neighboring NPs to assist in reporting or tracking a security
incident across networks. A complete solution integrating incident
detection, source identification, reporting and communication
capabilities, and methods to stop attack traffic is necessary to
attain higher security levels on networks. Policy guidelines for
handling incidents are recommended and can be agreed upon by a
consortium using the security recommendations and considerations.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-inch-rid-04.txt
To remove yourself from the I-D Announcement list, send a message to
i-d-announce-request@ietf.org with the word unsubscribe in the body of the message.
You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce
to change your subscription settings.
Internet-Drafts are also available by anonymous FTP. Login with the username
"anonymous" and a password of your e-mail address. After logging in,
type "cd internet-drafts" and then
"get draft-ietf-inch-rid-04.txt".
A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
Internet-Drafts can also be obtained by e-mail.
Send a message to:
mailserv@ietf.org.
In the body type:
"FILE /internet-drafts/draft-ietf-inch-rid-04.txt".
NOTE: The mail server at ietf.org can return the document in
MIME-encoded form by using the "mpack" utility. To use this
feature, insert the command "ENCODING mime" before the "FILE"
command. To decode the response(s), you will need "munpack" or
a MIME-compliant mail reader. Different MIME-compliant mail readers
exhibit different behavior, especially when dealing with
"multipart" MIME messages (i.e. documents which have been split
up into multiple messages), so check your local documentation on
how to manipulate these messages.
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
- <ftp://ftp.ietf.org/internet-drafts/draft-ietf-inch-rid-04.txt>
-
_______________________________________________
I-D-Announce@ietf.org
https://www1.ietf.org/mailman/listinfo/i-d-announce
