Re: Denial of Service Attacks Planned For Christmas - ISS

[Michael Wilson <partners () 7PILLARS COM>]

Welcome to just one of the many things that suck about the 'industry' that's
developed around info ops and info assurance.

You're obviously correct about the lack of editorial control...  but look at
the 'journalism' and the assertions by the sources, and it's absurd on the
face.  How do they 'know' when an attack is planned?  The usual confusion about
capabilities an intentions.  The coupling of the claim with the press release
(honest guys, PR newswire isn't that expensive, just use it an be honest).

Sigh.

Michael Wilson
www.7pillars.com

On Sun, 19 Nov 2000, Bronc Buster wrote:

>  I am sorry, but am I the only one who read through this, and wondered
> what do they have to back up their claims? This story offers up a zing
> bang topic with no facts or anything backing up ISS claims. What editor
> let this story out?
>
>  This reminds me of all the tiny start-up security companies that popped
> up after the last DDoS attacks with claims of another trojan, or some
> other attack looming in the near future, so that they could get some free
> media coverage and make it on the morning talk shows. Hey, right or wrong,
> they got press for their company. Who cares if they spread more FUD and
> scared a lot of AOL users and tiny ISPs across the world... :/
>
>
>
>
> On Fri, 17 Nov 2000, William Knowles wrote:
>
> > http://www.newsbytes.com/news/00/158336.html
> >
> > By Steve Gold, Newsbytes
> > ATLANTA, GEORGIA, U.S.A.,
> > 17 Nov 2000, 12:35 PM CST
> >
> > X-Force, the research and development (R&D) team of Internet Security
> > Systems [NASDAQ:ISSX] (ISS), has warned that hackers are planning an
> > online attack-fest this coming Christmas.
> >
> > The attacks, if they occur, will take the form of distributed denial
> > of service (DDOS) invasions, a hacker flooding technique used earlier
> > this year - and since - to effectively flood out a major Web site and
> > prevent normal users from gaining access, ISS said.
> >
> > The technique was used in February of this year when Amazon, Buy.com,
> > CNN Interactive, eBay and a number of other high-profile sites were
> > downed by hackers, apparently using DDOS applications known as
> > "Trinoo," "Stacheldraht" and "TFN2K."
> >
> > ISS was one of the first IT security companies to issue an advisory
> > over DDOS attacks back in early February, warning Web site managers to
> > be aware that the offending applications could bring down an
> > enterprise network or e-commerce site by flooding it with large
> > amounts of traffic.
> >
> > In addition, the firm advised that, while there is little that sites
> > can do to prevent such attacks, companies can take steps to ease the
> > pain, including assembling an incident response team, tapping
> > resources from the organization's Internet service provider (ISP) and
> > the computer emergency response team (CERT) advisory team.
> >
> > ISS has also advised organizations to establish links with local law
> > enforcement authorities, so that, if an attack occurs, the appropriate
> > people can be notified quickly.
> >
> > A spokesperson for ISS told Newsbytes that the firm has detected a
> > definite pattern amongst DDOS attacks and, coupled with its knowledge
> > of the hacker community, is warning major sites to be on alert for
> > attacks this Christmas.
> >
> > The need for preparation amongst major Web site operators is great,
> > the company says; only 10 percent of Web sites with e-commerce
> > operations have preparations in place.
> >
> > In parallel with its warning of impending DDOS attacks this Christmas,
> > ISS has teamed up with NOCpulse, a newly launched provider of
> > outsourced Internet infrastructure management services, to deliver
> > managed security services to customers.
> >
> > As an emerging services provider, NOCpulse plans to add ISS' managed
> > security service offerings and operational expertise to major
> > customers,
> >
> > As a result, ISS says that NOCpulse customers will have access to key
> > managed security services offerings as well as top notch security
> > expertise.
> >
> > Mark Hangen, ISS' general manager of managed security services, said
> > that NOCpulse represents a new breed of managed service provider (MSP)
> > that can give companies the information they need to proactively
> > manage their Internet infrastructure.
> >
> > Paul Anatinelli, NOCpulse's founder and president, meanwhile, said
> > that the NOCpulse command center is the first Internet operational
> > support service (IOSS) designed to give customers full control over
> > their Internet infrastructure,
> >
> > ISS' Web site is at http://www.iss.net .
> >
> > NOCpulse's Web site is at http://www.nocpulse.com .
> >
> >
> > *==============================================================*
> > "Communications without intelligence is noise;  Intelligence
> > without communications is irrelevant." Gen Alfred. M. Gray, USMC
> > ================================================================
> > C4I.org - Computer Security, & Intelligence - http://www.c4i.org
> > *==============================================================*
> >
> > ISN is hosted by SecurityFocus.com
> > ---
> > To unsubscribe email LISTSERV () SecurityFocus com with a message body of
> > "SIGNOFF ISN".
>
> ISN is hosted by SecurityFocus.com
> ---
> To unsubscribe email LISTSERV () SecurityFocus com with a message body of
> "SIGNOFF ISN".

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".