Educause Security Discussion mailing list archives
Re: Blaster notifications
From: "Bruhn, Mark S." <mbruhn () INDIANA EDU>
Date: Wed, 13 Aug 2003 09:23:21 -0500
I lied. /21 numbers were NOT sent to those contacts in the initial notification, but will be given to the campus if they reply and ask for them. M. -- Mark S. Bruhn, CISSP, CISM Chief IT Security and Policy Officer Interim Director, Research and Educational Networking Information Sharing and Analysis Center (ren-isac () iu edu) Office of the Vice President for Information Technology and CIO Indiana University 812-855-0326 Incidents involving IU IT resources: it-incident () iu edu Complaints/kudos about OVPIT/UITS services: itombuds () iu edu -----Original Message----- From: Bruhn, Mark S. Sent: Wednesday, August 13, 2003 9:20 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Blaster notifications We directly notified some 16 organizations yesterday (10 Abilene sites and the others non-Abilene-connected), where they clearly had widespread Blaster worm infections. The problem was indicated by a *very* high level of outbound port 135 traffic from those networks. The contact used was the contact maintained for the organization in the Abilene technical contact database, and /21 network numbers were sent to those individuals. So, some of you may not have seen that communication. I'll refrain from commenting on the fact that some campuses haven't (or hadn't) apparently taken recommended steps to protect themselves and the rest of us from these evils. Well, I guess I just did comment... By the way, Doug Pearson is now the Director -- albeit still an Interim -- of the REN-ISAC. He and I will be working on formalizing communications procedures from the ISAC over the next weeks. But, you will be seeing his name on most of these probably, from now on. I'm going to back to concentrating on my other two jobs. M. -- Mark S. Bruhn, CISSP, CISM Chief IT Security and Policy Officer Associate Director, Center for Applied Cybersecurity Research Office of the Vice President for Information Technology and CIO Indiana University 812-855-0326 Incidents involving IU IT resources: it-incident () iu edu Complaints/kudos about OVPIT/UITS services: itombuds () iu edu ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Blaster notifications Bruhn, Mark S. (Aug 13)
- <Possible follow-ups>
- Re: Blaster notifications Bruhn, Mark S. (Aug 13)