200.0.0.0 is on my block list, I have had strange and questionable traffic from here. I don't need to get any traffic from here so I just block the subnet.
No offense Brazil... I still love Brazil =)
Printable View
200.0.0.0 is on my block list, I have had strange and questionable traffic from here. I don't need to get any traffic from here so I just block the subnet.
No offense Brazil... I still love Brazil =)
You may be right chsh, however, if it is real and it's having am impact on the "members" of that site, does it not effect us all. Why are we (the unwashed security professionals) not allowed to have access to this infomation which may (or may not) have an impact on the networks we are paid to protect?Quote:
If there is something going on out there, don't we all have to know about it so we can take steps to protect/stop the attackes?
Cheers:
Department of Homeleand Security
^^^^
Never knew the Department of Homeland Security changed their names.
First off ... ROTFL ... nice! I like that muchly, and will use it to skewer my DoD-employed bretheren at the next InfoSec Geek Association meeting I go to (there's a heavy US gov't presence in my home city, so a large portion of our group is from Military/gov't contract agencies. Read: clearances, and lot's of them.)Quote:
OK...you've answered your own question. Since when does the federal government (here in Apple Pie land) tell us everything they are doing? Also, I'd say the message looks like they are trying to gather info and assess what is going on...so why make a big announcement that says "We are tracking something! Maybe! It could be nothing, really, but we don't know yet! More to come later!"
It's probably a 'short list announcement/request for info' so they can figure out what it really is they're seeing, or what the scope of a known issue really is. Then we'll know (or maybe not) when they make a formal announcement (or not.)
Yup, request for info:
They are still trying to figure out WTF, over?Quote:
Please disseminate to your owner operators ASAP so US-CERT can judge the national impact of these compromised systems.
Correct me if I am wrong, but when did CERT become controlled by the federal government? Now I know a lot has changed, but I thought CERT was a public service resource.Quote:
Originally posted here by zencoder
Since when does the federal government (here in Apple Pie land) tell us everything they are doing?
I go with the old saying, if we are not part of the solution, we are then part of the problem, we need information in order to help with that.
my 2 cents (Canadian)
Cheers:
CERT changed sometime after 9/11
About the same time the little bastards forgot how to spell............. :DQuote:
Department of Homeleand Security
That is the footer/signature.............it does not get re-typed every time if the communication is genuine...........................
526 "ATTACKS" not systems taken over...............hell that is a real threat to national security...........unless of course they are NORAD, COMSUBPAC, SAC and the rest.......................
HOAX......................... :cool:
True, but why haven't some other sites started to post about these attacks, most notablity the Internet Storm Center.Quote:
They, IMHO are a lot faster at picking up these things than CERT.
Cheers:
Good eye Nihil
MLFQuote:
About the same time the little bastards forgot how to spell.............
Actually Morgana, it was TT who confirmed it to me............it was not a correct English spelling, but we are used to differences between UK and US spellings :D
The numbers are all wrong.....................526?.................someone like CERT does not publish until they know...............
DjM called it:
;)Quote:
They, IMHO are a lot faster at picking up these things than CERT