Anyone ever heard of these people? in Security

Anyone ever heard of these people? in Security http://www.dslreports.com/forum/r16761081 en Sun, 06 Dec 2009 03:05:20 EDT Sun, 06 Dec 2009 03:05:20 EDT Re: Anyone ever heard of these people? http://www.dslreports.com/forum/remark,16769585 Name Game :

said by norwegian

:

Educational read, *no pun* though.

I wonder what/ how they capture packets, and interpret them. By Ethereal on a computer, or is it via a router especially designed for this project ?

If it does come to the general public, what a test bed, the youth of today.

But the one downfall I can see with this; what off people that leave and become a 'black hat', can they guarantee this.

Sorry for this line of thought MackyGA, but you can't help but question how good, how bad such a move will make.
Guess as it's in trial, the general public won't get much till they at least know it's capabilities.

Sounds promising.

This might give you an idea of "how" they do it...and some of the things they have done in the past to help control worms and other bad boys..

@MackyGA
REN-ISAC is not after your money..can you tell us what kind of "multiple virus" you found on that laptop by name?

»www.google.com/search?hl=en&lr=&···G=Search

REN-ISAC W32/Blaster debrief as of 2000 GMT Fri Aug 15 2003

The REN-ISAC[1] and the IU Advanced Network Management Lab (ANML[2]) are continuing to perform analysis of Abilene NetFlow data to characterize W32/Blaster activity. A sample during the period 1200-1500 GMT Thursday August 14 was used to identify top network AS sources of port 135 scans on Abilene. Within the top-twenty list, six AS were repeats from the August 14 top twenty. E-mail notifications were sent to the network contacts, including 18 U.S. universities, and 2 U.S. GigaPoP/aggregates.

»listserv.educause.edu/cgi-bin/wa···&P=11463

»ren-isac.net/monitoring.cgi

Abilene NetFlow data
»www.google.com/search?hl=en&lr=&···G=Search

The Abilene Observatory

»abilene.internet2.edu/observator···ess.html
--
Gladiator Security Forum »www.gladiator-antivirus.com/ Missing Kids »www.missingkids.com/]]> http://www.dslreports.com/forum/remark,16769585 Thu, 24 Aug 2006 07:47:08 EDT Re: Anyone ever heard of these people? http://www.dslreports.com/forum/remark,16769467 Name Game :

said by Psicop

:

Well I said what I said because I thought that if you get associated with someone whose business practices are let's say "unclear" then there must be something wrong with you.

As this is not the case it's all good then. No dramas.

Cheers.

:)

There is nothing unclear :D except the way you used dnsstuff :o

»www.dnsstuff.com/tools/ptr.ch?ip···79.78.96

»www.dnsstuff.com/tools/whois.ch?···79.78.96

»www.dnsreport.com/tools/dnsrepor···isac.net

ren-isac at iu dot edu uses 129.79.78.96 as an IP address and is located in Bloomington, IN, US

»ws.arin.net/cgi-bin/whois.pl?que···79.78.96
--
Gladiator Security Forum »www.gladiator-antivirus.com/ Missing Kids »www.missingkids.com/]]> http://www.dslreports.com/forum/remark,16769467 Thu, 24 Aug 2006 06:57:39 EDT Re: Anyone ever heard of these people? http://www.dslreports.com/forum/remark,16763666 Psicop : Well I said what I said because I thought that if you get associated with someone whose business practices are let's say "unclear" then there must be something wrong with you.

As this is not the case it's all good then. No dramas.

Cheers.

:)]]> http://www.dslreports.com/forum/remark,16763666 Wed, 23 Aug 2006 12:05:20 EDT Re: Anyone ever heard of these people? http://www.dslreports.com/forum/remark,16763556 norwegian :
No I wasn't missing the point gary, I understood exactly what was being said, sorry you think what I said suggested otherwise.

Any study and improvement of the internet has to be a positive thing. I am keen to hear that something is in trial out there.

Whether speed is the issue here, or the understanding of the packets and the (maybe) security gains, or both, does have nothing to do with it's origins, nor it's maker.

The plusses of these are what we are after, and look forward to learning more even as a home user.

You boys can't have all the fun. ]]> http://www.dslreports.com/forum/remark,16763556 Wed, 23 Aug 2006 11:47:18 EDT Re: Anyone ever heard of these people? http://www.dslreports.com/forum/remark,16763240 garywk :

quote:
"Ad laden", sounds more like industrial/ commercial words in competition, rather than facts.

I think you're missing the point. The post I quoted was saying REN-ISAC wasn't too clean because of what DNSStuff said about Network Solutions as a domain registrar.

The only entity having anything negative said about it on that page was Network Solutions. I don't see how Network Solutions not providing very much information upline means REN-ISAC is problematic.
--
“Here in America we are descended in blood and in spirit from revolutionists and rebels - men and women who dare to dissent from accepted doctrine. As their heirs, may we never confuse honest dissent with disloyal subversion.”

Dwight David Eisenhower]]> http://www.dslreports.com/forum/remark,16763240 Wed, 23 Aug 2006 10:55:03 EDT Re: Anyone ever heard of these people? http://www.dslreports.com/forum/remark,16763155 Steve : REN-ISAC is totally legit, they do very good work, and are quietly working very hard to keep the internet clean. I know senior staff there, and there is z-e-r-o worry about black hat crap; I'd trust them with the most sensitive security information I have (I have, as a matter of fact).

They're the good guys.

Steve
--
Stephen J. Friedl • Unix Wizard • Microsoft Security MVP • Tustin, California USA • my web site]]> http://www.dslreports.com/forum/remark,16763155 Wed, 23 Aug 2006 10:36:57 EDT Re: Anyone ever heard of these people? http://www.dslreports.com/forum/remark,16762847 anon : Thanks everyone.

I guess what I was really wondering is if the mail was some hook to sell something. I called an associate from another school this morning and he said he had received them before and was never asked to buy anything.

My worry was that by responding I would set myself up for being spammed by them. I've had companies try that before. Call to say they know of some problem computer but would tell us, and regularly afterwards, for a fee. Our budget is so small, I have to be careful about that kind of "help".

Thanks again,
Mack]]> http://www.dslreports.com/forum/remark,16762847 Wed, 23 Aug 2006 09:34:40 EDT Re: Anyone ever heard of these people? http://www.dslreports.com/forum/remark,16762401 norwegian :

said by garywk

said by Psicop

:

REN-ISAC:

»www.ren-isac.net/

Linked to Indiana University.

Give them a call and see what's going on but they don't look too clean according to DNS Stuff records.

Good luck :)

So, anyone registered with Network Solutions isn't too clean in your estimation?

"Ad laden", sounds more like industrial/ commercial words in competition, rather than facts.]]> http://www.dslreports.com/forum/remark,16762401 Wed, 23 Aug 2006 07:48:43 EDT Re: Anyone ever heard of these people? http://www.dslreports.com/forum/remark,16762396 norwegian :
Educational read, *no pun* though.

I wonder what/ how they capture packets, and interpret them. By Ethereal on a computer, or is it via a router especially designed for this project ?

If it does come to the general public, what a test bed, the youth of today.

But the one downfall I can see with this; what off people that leave and become a 'black hat', can they guarantee this.

Sorry for this line of thought MackyGA, but you can't help but question how good, how bad such a move will make.
Guess as it's in trial, the general public won't get much till they at least know it's capabilities.

Sounds promising.]]> http://www.dslreports.com/forum/remark,16762396 Wed, 23 Aug 2006 07:46:41 EDT Re: Anyone ever heard of these people? http://www.dslreports.com/forum/remark,16762275 garywk :

said by Psicop

:

REN-ISAC:

»www.ren-isac.net/

Linked to Indiana University.

Give them a call and see what's going on but they don't look too clean according to DNS Stuff records.

Good luck :)

So, anyone registered with Network Solutions isn't too clean in your estimation?
--
“Here in America we are descended in blood and in spirit from revolutionists and rebels - men and women who dare to dissent from accepted doctrine. As their heirs, may we never confuse honest dissent with disloyal subversion.”

Dwight David Eisenhower]]> http://www.dslreports.com/forum/remark,16762275 Wed, 23 Aug 2006 06:46:07 EDT Re: Anyone ever heard of these people? http://www.dslreports.com/forum/remark,16762221 Psicop : REN-ISAC:

»www.ren-isac.net/

Linked to Indiana University.

Give them a call and see what's going on but they don't look too clean according to DNS Stuff records.

Good luck :)

]]> http://www.dslreports.com/forum/remark,16762221 Wed, 23 Aug 2006 06:09:16 EDT Re: Anyone ever heard of these people? http://www.dslreports.com/forum/remark,16762155 Name Game : »www.networkworld.com/news/2003/0···l?page=2

Essentials on Internet2
A few fast facts on the Internet2 project:
• The educational and experimental network began in 1996.
• 203 universities participate.
• This group spends at least $100 million annually on the project.
• There are 50 corporate members that have invested more than $30 million since 1996.
• Network upgrade to 10G bit/sec is nearly complete.
• The movie “The Matrix” can be downloaded in 30 seconds, according to Internet2’s land speed record test.
• It takes 25 hours for the same movie to be downloaded over a DSL.

The group also now has the ability to capture and examine each flow across the network. While the ability to examine traffic closely from all universities has raised security and privacy concerns, Corbato says the group is "very careful with this data. We're looking to see what's happening over the network in real-time, what applications are most popular and the average duration of a data flow."

The group also is dedicated to advancing Internet security. In February, Internet2's Research and Education Network Information Sharing Analysis Center (REN-ISAC) joined the Department of Homeland Security's national information sharing and analysis center group.

"REN-ISAC is a higher-education-sponsored center designed to help universities and colleges improve their security," says Mark Bruhn, acting director of REN-ISAC at Indiana University. The program also lets higher education do its part in securing the national cyberinfrastructure, he says.

Indiana University operates REN-ISAC to monitor security threats and events, such as denial-of-service attacks, in real time. The center not only immediately notifies victims and sources,, but it also shares this information with other universities to help them better secure their networks.

REN-ISAC, now that it's part of the national ISAC program, can exchange findings with other centers. When the federal government initially formed the national sharing program, higher education was not included, which was a mistake, as far as the Internet2 people were concerned.

REN-ISAC Research and Education Network-Information Sharing Analysis Center

»www.indiana.edu/~ocmhp/031403/te···ter.html
--
Gladiator Security Forum »www.gladiator-antivirus.com/ Missing Kids »www.missingkids.com/]]> http://www.dslreports.com/forum/remark,16762155 Wed, 23 Aug 2006 05:21:19 EDT Re: Anyone ever heard of these people? http://www.dslreports.com/forum/remark,16761390 kcazzie : Try Google, I did and even one topic had Internet2: ... Also most of the stuff had to do with indiana. edu ...

---> »www.google.com/search?q=RENISAC&···t=0&sa=N]]> http://www.dslreports.com/forum/remark,16761390 Wed, 23 Aug 2006 00:41:17 EDT Anyone ever heard of these people? http://www.dslreports.com/forum/remark,16761081 anon : Hi everyone,

Long time reader, first time poster :)

I'm a security manager for a small school in Georgia. My full-time job mostly involves helping people with their anti virus software etc.

The other day we received a mail from something called RENISAC. The message included an ip address that they said was infected with a worm. I investigated and sure enough the ip was for a persons laptop that had multiple viruses on it. I'm guessing they were scanned by the computer and got our information that way.

What I'm wondering though is, has anyone else gotten any mail from these people? Has anyone heard of them before? It looks like they work on Internet 2 related stuff, but we're not connected to that. It's strange that we've never been contacted by them before. They look to have been around a while, references going back 2 years or so online.

Any information from people would be great.

Thank you,
Mack]]> http://www.dslreports.com/forum/remark,16761081 Tue, 22 Aug 2006 23:45:46 EDT