[Intelmq-dev] How do you notify ISPs/network owners about accessible (open) devices?
Bernhard Reiter
bernhard at intevation.de
Mon Mar 13 13:19:03 CET 2017
Am Montag 13 März 2017 13:02:47 schrieb L. Aaron Kaplan:
> So, we now have two types that we are talking about:
> 1. Vulnerable and openly accessible ports
> 2. Potentially vulnerable (but not proven) and accessible ports
It depends, there are probably ISP/network owner who would want to be notified
of some potentially vulnerable situation and others would rather not.
This challenge could be approached with
* make automatic handling a lot easier, so ofr example if everything gets xarf
files the recievers could more easily just ignore stuff on their end.
Conclusion some notification should only be send out if their automated
handling is easy.
* When it is not clearly vulnerable, a notifcation is a service. Maybe the
isps/network owner can subscribe or unsubscribe to details of the service on
their own. Like "Go to URL to opt out of the "potentially interesting" ports
group".
Just my 2 Euro-¢,
Bernhard
--
www.intevation.de/~bernhard +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.cert.at/pipermail/intelmq-dev/attachments/20170313/36c3fac9/attachment.sig>
More information about the Intelmq-dev
mailing list