Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Large ISP response to Code Red?

From: David Hickman <dhickman () yahoo com>
Date: Tue, 31 Jul 2001 10:49:13 -0500
As an OpSec engineer, one of the bigger problems is getting the downstreams to fix their systems. About 80% of the time, I have to threaten null routing and admining down pvcs in order to get someone to fix something. 

dhh


At 20:45 -0400 7/30/01, Christian Kuhtz wrote:

"Jon O ." wrote:

 Have these ISPs confirmed they have taken action to prevent
 an even worse reinfection phase than the first time and if not
 why?


Anything in particular that you have in mind for an SP to do 'to prevent an
even worse reinfection phase' which is specific to Code Red?  It's probably
important to remember that there's a distinction to be made here between the
SP's infrastructure and SP's customers.

Cheers,
Chris

--
Christian Kuhtz <ck () arch bellsouth net> -wk, <ck () gnu org> -hm
Sr. Architect, Engineering & Architecture, BellSouth.net, Atlanta, GA, U.S.
"I speak for myself only."

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com



--

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: