I'd vote for a WG focussing on these things. IIRC there have been plans on a RIPE-Security WG around RIPE-29 or 30. If there's a bigger interest on this topics what about a Security-BOF next RIPE? In general, net-abuse has become one of the major problems these days, included but not limited to attacks, scans, mailbombs, a.s.o.
Three years ago, Daniel Karrenberg posted a proposal for creation of a pilot incident response team, called Security Incident Response and Coordination in Europe (SIRCE). The team should have been operating under the RIPE NCC umbrella. Everyone was pretty happy with the proposal itself, but when it came to finances - only a small number of ISPs agreed to participate in funding. Therefore, as far as I remember, the RIPE NCC had to widthdraw the proposal. That, however, doesn't mean we can't think about resurrection of SIRCE. At least, we can start with a WG, but a central IRT that will coordinate the incidents is really needed. Regards, Beri .-------. | --+-- | Berislav Todorovic, B.Sc.E.E. | E-mail: BERI@etf.bg.ac.yu | /|\ Hostmaster of the YU TLD | |-(-+-)-| School of Electrical Engineering | Phone: (+381-11) 3221-419 | \|/ Bulevar Revolucije 73 | 3218-350 | --+-- | 11000 Belgrade SERBIA, YUGOSLAVIA | Fax: (+381-11) 3248-681 `-------' --------------------------------------------------------------------