Re: If internet goes down out of hours, we're screwed

["Steven Adair" <steven () securityzone org>]

I think you guys are both mixing up CERT (cert.org) and US-CERT
(us-cert.gov) -- both of which have very different functions.  As
mentioned though, you probably wouldn't want to call either if your
Internet goes down.

Steven

> On Mon, 08 Oct 2007 19:55:59 BST, worried security said:
>
> > If you internet goes down out of business hours
> > , don't expect anyone to answer you from CERT.
>
> Actually, if "your internet" goes down, you should probably be calling
> your ISP, not US-CERT.  The vast majority of "down" conditions are
> networking
> issues, not security issues.   And if you're being DDoS'ed, you're *still*
> going to need to deal with your ISP because some NOC monkey is going to
> need
> to do the mitigation, and the CERT guys aren't going to be able to do
> anything
> for you with that anyhow.
>
> > Email:     <mailto:cert () cert org> (monitored during business hours)
>
> Which is as it should be - if you look at the things that are actually
> within
> their purview, it's reasonable to expect it to *not* be a 24/7 mailbox.
> There
> are *other* venues that deal with the sort of things that happen at 2:30AM
> and
> can't wait until 8AM for resolution, and they *are* monitored 24/7.  The
> mere
> fact that you haven't been invited to participate in those venues doesn't
> mean
> they don't exist.
>
> Besides which you overlooked the most obvious point of all:
>
> If your internet is down, you can't e-mail to anybody anyhow.
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/