August 11th, 2003, 10:10 PM
Threatcon at 3 out of 4?? "Known threat"
I was just over at www.securityfocus.com and saw that the threat con indicator was at 3. I've seen it at 2 now for the past few weeks (increased alertness) (since the DCom bullshit), but today its at a solid three. This made me wonder what the "known threat" is, as this is the definition they give for level 3. I myself havent noticed any slowdowns, and my Snort logs arent showing anything out of the ordinary. *shrugs*
"This condition applies when an isolated threat to the computing infrastructure is currently underway. Under this condition, increased monitoring is necessary, and redeployment and reconfiguration of security systems is recommended. People should be able to maintain this posture for a few weeks at a time, as threats come and go"
I remembered having a link to a sit that broke down the scans and probes across the whole internet into protocol categories. If you know that link I would be greatly appreciative if it gets posted. Anybody have any insight as to what this could be?
August 11th, 2003, 10:17 PM
There is a new worm lose on the net. You can find more info here: