[Nlnog] meer discussie!
Erik Bais
erik at is.nl
Tue Jun 22 11:08:31 UTC 2004
Hi Sabri,
Ik denk dat het een prima uitgangspunt is om vanuit te gaan.
Het is waarschijnlijk handig om mensen hun nic-hdl mee te laten sturen bij de
bio alsmede de nic-hdl van hun 2 'bekende'.
nic-hdl: bais-ripe
nic-hdl: SAB666-RIPE
nic-hdl: BOFH-RIPE ( !!! )
Betekend dit, dat je een niet nader te noemen roodharige collega nu op #nlnog
gaan weren ? ( tijdens het in-between jobs zijn ? )
En wat te doen met toeleveranciers ? Of partijen welke zelf geen ISP zijn ?
Er zijn bep. 'insiders' wat in deze een uitzondering op 95% regel zijn .. En
hoe gaan we daar mee om ?
Met vriendelijke groeten,
Erik Bais
-------- I S - I N T E R N E D - S E R V I C E S - B V --------
domeinregistratie - webhosting - colocating - dedicated servers
www.is.nl - info at is.nl - T: 0299-476185
Gorslaan 18 - 1441 RG - Purmerend
---------------------------------------------------------------
> -----Original Message-----
> From: nlnog-bounces at nlnog.net
> [mailto:nlnog-bounces at nlnog.net] On Behalf Of Sabri Berisha
> Sent: dinsdag 22 juni 2004 11:45
> To: nlnog at nlnog.net
> Subject: [Nlnog] meer discussie!
>
> Hi,
>
> Naar aanleiding van wat discussie in het IRC kanaal, bijgaand de
> volgende 'voorwaarden' die ik vond over een soortgelijke mailinglijst
> als nlnog. Mijn voorstel is om iets soortgelijks van toepassing te
> verklaren op deze lijst. Met name het stukje over
> vertrouwelijkheid (als
> ik op deze lijst zeg dat AS12859 netwerkpanne had wil ik dat
> niet morgen
> op Webwereld teruglezen) staat mij wel aan. Uiteraard zou eea ook van
> toepassing zijn op het irc kanaal.
>
> Meningen?
>
>
> "Cyber defenders, ever vigilant, ever responsive." -Marjorie
> Gilbert, 2003
>
> Step one is to insure you meet the qualifications for NLNOG.
> Some common
> questions to ask yourself are:
>
> Do you work for some type of IP transit provider, huge multi-homed
> content provider, or service provider?
> Does your job include Operational Services?
> Are you willing to offer free services, data, forensic, and other
> monitoring data to the NOG community?
> Do you have authorization to actively mitigate incidents in
> your network?
> Do you actually log into a router and do something to
> mitigate an attack
> or call someone to task them to do the work?
> Do you have the time for a real-time NSP mitigation forum?
>
> If yes, then you might fit the expectations to be on the NLNOG
> Mitigation or Discussion Forums.
>
> NLNOG PARTICIPATION EXPECTATIONS
>
> NLNOG is a forum to get work done in the service of the community. As
> such, realistic expectations are placed on the NLNOG
> membership. These
> expectations are periodically reviewed by the NLNOG
> moderators to ensure
> that an individuals community membership is relevant,
> productive, and adds
> value to the mission of NLNOG. These expectations, which have evolved
> through active membership feedback include:
>
> All posts to NLNOG must have an organizational affiliation
> via either a
> corporate email address that is identifable as an ISP/NSP, or via a
> signature that includes your organizational affiliation or ASN.
> Lurking and learning does not contribute to the community there are
> other forums for that. Silence often indicates that people are not
> handling the information provided by the NLNOG community or that the
> information provided is of little relevence to the member.
> Acknowledgements of action whether publicly on the mailing list or
> privately to the people involved provides members of the
> community an
> indication that contributions are being made. Recognizing specific
> national laws, regulations, and/or corporate policies may
> prevent some
> members from posting on the public NLNOG alias; these
> limitations do not
> prevent private mitigation correspondence.
> Taking information provided on the NLNOG forums and using it for
> commercial gain is not allowed. It is a violation of trust to the
> community.
>
> NLNOG is built on trust. Therefore, reposting NLNOG communications to
> individuals inside or outside your organization is a
> violation of that
> trust. NLNOG members should have the span of control to take
> action on
> the information from an NLNOG correspondence without widely
> posting the
> information inside their organization. If forwarding inside the
> organization is required, permission of the posters must be sought.
> NLNOG postings must not be CCed or BCCed to any other forum. Internal
> dialog must be re-crafted for internal use as mentioned in previous
> guildelines.
>
>
>
> NLNOG APPLICATION EXPECTATIONS
>
> Membership in NLNOG is restricted to those actively involved in the
> mitigation of NSP security incidents within organizations in the IP
> transit, content, and service provider community. Therefore,
> it will be
> limited to operators, vendors, researchers. That means no press and
> (hopefully) none of the "bad guys." It also means that
> engineers who do
> not directly work in the core transit/content provider
> network do not fit
> the purview of NLNOG and should look for other forums
>
> NLNOG is not a community for lurkers who wish to "learn more
> about NSP
> security." Individuals who are part of the NSP attack
> mitigation community
> at times create whitepapers, presentations, and training materials to
> educate the larger community. Much of this material will be
> presented to
> NANOG (http://www.nanog.org) and other NSP operations forums (RIPE,
> APRICOT, and AFNOG, etc.). A set of links below offers help for those
> looking to learn more about the tools, techniques, and
> training used by
> the NLNOG community.
>
> NLNOG will use a simple trust/peering relationship. This
> model is not as
> "secure" as an encrypted conversation, yet it is better than
> a wide-open
> public dialog. All applications must be accompanied by at least two
> existing members who will vouch for the new applicant. We
> will establish
> the trust by asking members of the list to vouch for new subscriber
> requests. If the list administrators know the person, then
> they can vouch
> for them.
>
> No information presented in this list is allowed to be
> forwarded or shared
> outside the NLNOG community without specific permission from
> the poster.
> It is expected that members strictly adhere to this policy to
> ensure list
> confidentiality.
>
>
> NLNOG APPLICATION FOR MEMBERSHIP INSTRUCTIONS
>
> Step one is to insure you meet the qualifications for NLNOG.
> Some common
> questions to ask yourself are:
>
> Do you work for some type of IP transit provider, content
> provider, or
> service provider?
> Does your job include Operational Security?
> Are you willing to offer free services, data, forensic, and other
> monitoring data to the NSP community?
> Do you have authorization to actively mitigate incidents in
> your network?
> Do you actually log into a router and do something to
> mitigate an attack
> or call someone to task them to do the work?
> Do you have the time for a real-time NSP mitigation forum?
>
>
> If you'd like to be considered for membership, please provide the
> following information via email to: bofh at nlnog.net
>
> Name:
> E-mail:
> DayPhone:
> 24hrPhone:
> iNOC Phone:
> Company/Employer:
> ASNs Responsible for:
> JobDesc:
> Internet security references (names & emails):
> PGP Key Location:
>
> For Job Description be as detailed and descriptive as
> possible. After
> sending the above form via email go to the section below and issue a
> "subscription" request via the form.
>
> NEW MEMBERS
>
> When a new member requests membership and provides his/her "bio" (as
> above), once the moderators decide that the potential member
> has passed
> their initial review, that person's bio will be sent to the
> full list. All
> applications must be accompanied by at least two existing
> members who will
> "vouch" for the new applicant (preferably not from the same
> organization).
> Any existing member will have 48 hours to send reservations
> about that
> potential member to the moderators. The moderators promise to
> review in
> depth any facts that are raised in regards to any potential
> new member.
>
> RESERVATIONS AND REBUTTAL
>
> Any reservation about an existing or new member that is sent
> privately to
> the -owner list will have all identifying aspects stripped out of the
> email and forwarded to the potential rejectee for rebuttal.
> That person
> will have 72 hours to send a rebuttal before a decision is taken. The
> moderators of the NLNOG list will attempt to take all matters into
> consideration before rendering a decision.
>
> REMOVAL
>
> A majority of the moderators will be required to remove an
> existing member
> or to override a new potential members candidacy for the list.
>
> NLNOG REVETTING
>
> The NLNOG Moderators will periodically review the membership
> and select
> some members for revetting. This is required to ensure that
> all members of
> the list continue to fit the charter characteristics. Both
> employment and
> the charter can change over time - this mechanism allows the list to
> remain true to its charter.
>
> The revetting process occurs in three steps:
>
> 1. The member selected for revetting will be asked to update their
> information, and submit it to the NLNOG Administrators.
>
> 2. Should the member continue to meet the required
> characteristics for
> NLNOG membership, the members information will be sent to the
> list for
> revetting.
>
> 3. At least two members of the list must re-approve
> membership. At least
> one of the approvers must be from a different company than
> the member who
> is being revetted. In addition, other members selected for revetting
> during the same cycle may not approve each other.
>
> Note that not meeting the requirements of each step will
> result in removal
> from the NSPSec mailing list. Those so removed may reapply
> through the
> normal method, although the two-company approval requirements will
> continue to apply.
>
>
>
> NLNOG PHYSICAL MEETINGS
>
> The IETF experience demonstrates that the most effective way
> to build a
> community on the Internet is through a combination of virtual
> meetings
> (e-mail forum) and physical meetings. NLNOG follows the same formula,
> having small meetings and BOFs at the various operations and
> engineering
> meetings around the world. Following is a list of the active NLNOG
> meetings and the contacts for the chaperons/facilitators for these
> meetings.
>
> Please let the community know if you are interested in coordinating,
> chaperoning, or facilitating meetings at other forums.
> Volunteerism in
> service to the community is welcomed.
>
> --
> Sabri Berisha - SAB666-RIPE
> BIT BV - http://www.bit.nl/
> AS12859 and AS31064 - lg: http://noc.bit.nl/traceroute
> _______________________________________________
> NLNOG mailing list
> NLNOG at nlnog.net
> http://mailman.nlnog.net/mailman/listinfo/nlnog
>
>
More information about the NLNOG
mailing list