-
January 24th, 2005, 09:29 PM
#11
Senior Member
200.0.0.0 is on my block list, I have had strange and questionable traffic from here. I don't need to get any traffic from here so I just block the subnet.
No offense Brazil... I still love Brazil =)
-
January 24th, 2005, 10:07 PM
#12
Originally posted here by chsh
Or it could be real and you're not supposed to be sending it around.
You may be right chsh, however, if it is real and it's having am impact on the "members" of that site, does it not effect us all. Why are we (the unwashed security professionals) not allowed to have access to this infomation which may (or may not) have an impact on the networks we are paid to protect?
If there is something going on out there, don't we all have to know about it so we can take steps to protect/stop the attackes?
Cheers:
-
January 24th, 2005, 10:19 PM
#13
Department of Homeleand Security
^^^^
Never knew the Department of Homeland Security changed their names.
-
January 24th, 2005, 10:25 PM
#14
Originally posted here by DjM
(the unwashed security professionals)
First off ... ROTFL ... nice! I like that muchly, and will use it to skewer my DoD-employed bretheren at the next InfoSec Geek Association meeting I go to (there's a heavy US gov't presence in my home city, so a large portion of our group is from Military/gov't contract agencies. Read: clearances, and lot's of them.)
OK...you've answered your own question. Since when does the federal government (here in Apple Pie land) tell us everything they are doing? Also, I'd say the message looks like they are trying to gather info and assess what is going on...so why make a big announcement that says "We are tracking something! Maybe! It could be nothing, really, but we don't know yet! More to come later!"
It's probably a 'short list announcement/request for info' so they can figure out what it really is they're seeing, or what the scope of a known issue really is. Then we'll know (or maybe not) when they make a formal announcement (or not.)
"Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
"...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore
-
January 24th, 2005, 10:29 PM
#15
Yup, request for info:
Please disseminate to your owner operators ASAP so US-CERT can judge the national impact of these compromised systems.
They are still trying to figure out WTF, over?
"Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
"...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore
-
January 24th, 2005, 10:34 PM
#16
Originally posted here by zencoder
Since when does the federal government (here in Apple Pie land) tell us everything they are doing?
Correct me if I am wrong, but when did CERT become controlled by the federal government? Now I know a lot has changed, but I thought CERT was a public service resource.
I go with the old saying, if we are not part of the solution, we are then part of the problem, we need information in order to help with that.
my 2 cents (Canadian)
Cheers:
-
January 24th, 2005, 10:42 PM
#17
CERT changed sometime after 9/11
Department of Homeleand Security
About the same time the little bastards forgot how to spell.............
That is the footer/signature.............it does not get re-typed every time if the communication is genuine...........................
526 "ATTACKS" not systems taken over...............hell that is a real threat to national security...........unless of course they are NORAD, COMSUBPAC, SAC and the rest.......................
HOAX.........................
-
January 24th, 2005, 10:50 PM
#18
Originally posted here by nihil
CERT changed sometime after 9/11
True, but why haven't some other sites started to post about these attacks, most notablity the Internet Storm Center.
They, IMHO are a lot faster at picking up these things than CERT.
Cheers:
-
January 24th, 2005, 10:52 PM
#19
Good eye Nihil
About the same time the little bastards forgot how to spell.............
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
-
January 24th, 2005, 11:16 PM
#20
Actually Morgana, it was TT who confirmed it to me............it was not a correct English spelling, but we are used to differences between UK and US spellings
The numbers are all wrong.....................526?.................someone like CERT does not publish until they know...............
DjM called it:
They, IMHO are a lot faster at picking up these things than CERT
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|