Re: If internet goes down out of hours, we're screwed

[Valdis.Kletnieks () vt edu]

On Mon, 08 Oct 2007 19:55:59 BST, worried security said:

> If you internet goes down out of business hours
> , don't expect anyone to answer you from CERT.

Actually, if "your internet" goes down, you should probably be calling
your ISP, not US-CERT.  The vast majority of "down" conditions are networking
issues, not security issues.   And if you're being DDoS'ed, you're *still*
going to need to deal with your ISP because some NOC monkey is going to need
to do the mitigation, and the CERT guys aren't going to be able to do anything
for you with that anyhow.

> Email:     <mailto:cert () cert org> (monitored during business hours)

Which is as it should be - if you look at the things that are actually within
their purview, it's reasonable to expect it to *not* be a 24/7 mailbox.  There
are *other* venues that deal with the sort of things that happen at 2:30AM and
can't wait until 8AM for resolution, and they *are* monitored 24/7.  The mere
fact that you haven't been invited to participate in those venues doesn't mean
they don't exist.

Besides which you overlooked the most obvious point of all:

If your internet is down, you can't e-mail to anybody anyhow.

Attachment: _bin
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/