Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 26

Thread: CERT Warning

  1. #11
    Senior Member
    Join Date
    Aug 2001
    Posts
    117
    200.0.0.0 is on my block list, I have had strange and questionable traffic from here. I don't need to get any traffic from here so I just block the subnet.

    No offense Brazil... I still love Brazil =)
    Luck--TSM
    Atlanta, GA


  2. #12
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Originally posted here by chsh

    Or it could be real and you're not supposed to be sending it around.
    You may be right chsh, however, if it is real and it's having am impact on the "members" of that site, does it not effect us all. Why are we (the unwashed security professionals) not allowed to have access to this infomation which may (or may not) have an impact on the networks we are paid to protect?

    If there is something going on out there, don't we all have to know about it so we can take steps to protect/stop the attackes?

    Cheers:
    DjM

  3. #13
    Banned
    Join Date
    Sep 2004
    Posts
    305
    Department of Homeleand Security

    ^^^^

    Never knew the Department of Homeland Security changed their names.

  4. #14
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    Originally posted here by DjM
    (the unwashed security professionals)
    First off ... ROTFL ... nice! I like that muchly, and will use it to skewer my DoD-employed bretheren at the next InfoSec Geek Association meeting I go to (there's a heavy US gov't presence in my home city, so a large portion of our group is from Military/gov't contract agencies. Read: clearances, and lot's of them.)

    OK...you've answered your own question. Since when does the federal government (here in Apple Pie land) tell us everything they are doing? Also, I'd say the message looks like they are trying to gather info and assess what is going on...so why make a big announcement that says "We are tracking something! Maybe! It could be nothing, really, but we don't know yet! More to come later!"

    It's probably a 'short list announcement/request for info' so they can figure out what it really is they're seeing, or what the scope of a known issue really is. Then we'll know (or maybe not) when they make a formal announcement (or not.)
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  5. #15
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    Yup, request for info:
    Please disseminate to your owner operators ASAP so US-CERT can judge the national impact of these compromised systems.
    They are still trying to figure out WTF, over?
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  6. #16
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Originally posted here by zencoder
    Since when does the federal government (here in Apple Pie land) tell us everything they are doing?
    Correct me if I am wrong, but when did CERT become controlled by the federal government? Now I know a lot has changed, but I thought CERT was a public service resource.

    I go with the old saying, if we are not part of the solution, we are then part of the problem, we need information in order to help with that.

    my 2 cents (Canadian)

    Cheers:
    DjM

  7. #17
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    CERT changed sometime after 9/11

    Department of Homeleand Security
    About the same time the little bastards forgot how to spell.............

    That is the footer/signature.............it does not get re-typed every time if the communication is genuine...........................

    526 "ATTACKS" not systems taken over...............hell that is a real threat to national security...........unless of course they are NORAD, COMSUBPAC, SAC and the rest.......................

    HOAX.........................

  8. #18
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Originally posted here by nihil
    CERT changed sometime after 9/11
    True, but why haven't some other sites started to post about these attacks, most notablity the Internet Storm Center.

    They, IMHO are a lot faster at picking up these things than CERT.

    Cheers:
    DjM

  9. #19
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Good eye Nihil

    About the same time the little bastards forgot how to spell.............
    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  10. #20
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Actually Morgana, it was TT who confirmed it to me............it was not a correct English spelling, but we are used to differences between UK and US spellings

    The numbers are all wrong.....................526?.................someone like CERT does not publish until they know...............

    DjM called it:

    They, IMHO are a lot faster at picking up these things than CERT

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •