Building a Walled Garden - Abuse and Incident Handling Tooling for Network Managers

No ratings

Presented at AUScert 2008 by

Scott Mcintyre

The tooling involved with active incident handling and abuse mitigation requires tools and procedures not just to detect problems within your network, but to act on them and wherever possible remove the threat whilst at the same time providing customer awareness and enhanced security. This tutorial will cover the bespoke tools one ISP has built and deployed which detect problems, notify customers of issues, track incident status within the organisation, and place customers in a Walled Garden until their systems are clean. The tools discussed were all built on open-source software, and the approaches covered can apply to a variety of organisations, not just Internet Service Providers. The tutorial will include live demonstrations of the technology discussed, a simulation of the steps required to build a Walled Garden, and plenty of opportunity for interaction and discussion on the necessity of this tooling and the policy issues that go along with building and supporting them.