Information Security News mailing list archives
Re: Denial of Service Attacks Planned For Christmas - ISS
From: Michael Wilson <partners () 7PILLARS COM>
Date: Sun, 19 Nov 2000 23:43:36 -0800
Welcome to just one of the many things that suck about the 'industry' that's developed around info ops and info assurance. You're obviously correct about the lack of editorial control... but look at the 'journalism' and the assertions by the sources, and it's absurd on the face. How do they 'know' when an attack is planned? The usual confusion about capabilities an intentions. The coupling of the claim with the press release (honest guys, PR newswire isn't that expensive, just use it an be honest). Sigh. Michael Wilson www.7pillars.com On Sun, 19 Nov 2000, Bronc Buster wrote:
I am sorry, but am I the only one who read through this, and wondered what do they have to back up their claims? This story offers up a zing bang topic with no facts or anything backing up ISS claims. What editor let this story out? This reminds me of all the tiny start-up security companies that popped up after the last DDoS attacks with claims of another trojan, or some other attack looming in the near future, so that they could get some free media coverage and make it on the morning talk shows. Hey, right or wrong, they got press for their company. Who cares if they spread more FUD and scared a lot of AOL users and tiny ISPs across the world... :/ On Fri, 17 Nov 2000, William Knowles wrote:http://www.newsbytes.com/news/00/158336.html By Steve Gold, Newsbytes ATLANTA, GEORGIA, U.S.A., 17 Nov 2000, 12:35 PM CST X-Force, the research and development (R&D) team of Internet Security Systems [NASDAQ:ISSX] (ISS), has warned that hackers are planning an online attack-fest this coming Christmas. The attacks, if they occur, will take the form of distributed denial of service (DDOS) invasions, a hacker flooding technique used earlier this year - and since - to effectively flood out a major Web site and prevent normal users from gaining access, ISS said. The technique was used in February of this year when Amazon, Buy.com, CNN Interactive, eBay and a number of other high-profile sites were downed by hackers, apparently using DDOS applications known as "Trinoo," "Stacheldraht" and "TFN2K." ISS was one of the first IT security companies to issue an advisory over DDOS attacks back in early February, warning Web site managers to be aware that the offending applications could bring down an enterprise network or e-commerce site by flooding it with large amounts of traffic. In addition, the firm advised that, while there is little that sites can do to prevent such attacks, companies can take steps to ease the pain, including assembling an incident response team, tapping resources from the organization's Internet service provider (ISP) and the computer emergency response team (CERT) advisory team. ISS has also advised organizations to establish links with local law enforcement authorities, so that, if an attack occurs, the appropriate people can be notified quickly. A spokesperson for ISS told Newsbytes that the firm has detected a definite pattern amongst DDOS attacks and, coupled with its knowledge of the hacker community, is warning major sites to be on alert for attacks this Christmas. The need for preparation amongst major Web site operators is great, the company says; only 10 percent of Web sites with e-commerce operations have preparations in place. In parallel with its warning of impending DDOS attacks this Christmas, ISS has teamed up with NOCpulse, a newly launched provider of outsourced Internet infrastructure management services, to deliver managed security services to customers. As an emerging services provider, NOCpulse plans to add ISS' managed security service offerings and operational expertise to major customers, As a result, ISS says that NOCpulse customers will have access to key managed security services offerings as well as top notch security expertise. Mark Hangen, ISS' general manager of managed security services, said that NOCpulse represents a new breed of managed service provider (MSP) that can give companies the information they need to proactively manage their Internet infrastructure. Paul Anatinelli, NOCpulse's founder and president, meanwhile, said that the NOCpulse command center is the first Internet operational support service (IOSS) designed to give customers full control over their Internet infrastructure, ISS' Web site is at http://www.iss.net . NOCpulse's Web site is at http://www.nocpulse.com . *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Denial of Service Attacks Planned For Christmas - ISS William Knowles (Nov 19)
- Re: Denial of Service Attacks Planned For Christmas - ISS Bronc Buster (Nov 20)
- Re: Denial of Service Attacks Planned For Christmas - ISS Michael Wilson (Nov 21)
- Re: Denial of Service Attacks Planned For Christmas - ISS Dave Dittrich (Nov 23)
- Re: Denial of Service Attacks Planned For Christmas - ISS Bronc Buster (Nov 20)