Re: [iwar] No mass attacks seen yet...
From: David Kennedy CISSP
From: david.kennedy@acm.org
To: iwar@egroups.com
Mon, 01 Jan 2001 21:46:15 -0500
fc Mon Jan 1 18:48:08 2001
Received: from 207.222.214.225
by localhost with POP3 (fetchmail-5.1.0)
for fc@localhost (single-drop); Mon, 01 Jan 2001 18:48:08 -0800 (PST)
Received: by multi33.netcomi.com for fc
(with Netcom Interactive pop3d (v1.21.1 1998/05/07) Tue Jan 2 02:43:58 2001)
X-From_: david.kennedy@acm.org Mon Jan 1 20:43:12 2001
Received: from c3.egroups.com (c3.egroups.com [208.50.99.225]) by multi33.netcomi.com (8.8.5/8.7.4) with SMTP id UAA03680 for ; Mon, 1 Jan 2001 20:43:07 -0600
X-eGroups-Return: sentto-279987-875-978403633-fc=all.net@returns.onelist.com
Received: from [10.1.4.53] by c3.egroups.com with NNFMP; 02 Jan 2001 02:47:15 -0000
X-Sender: david.kennedy@acm.org
X-Apparently-To: iwar@egroups.com
Received: (EGP: mail-6_3_1_3); 2 Jan 2001 02:47:12 -0000
Received: (qmail 78110 invoked from network); 2 Jan 2001 02:47:12 -0000
Received: from unknown (10.1.10.26) by l7.egroups.com with QMQP; 2 Jan 2001 02:47:12 -0000
Received: from unknown (HELO spaceghost.fuse.net) (216.68.1.121) by mta1 with SMTP; 2 Jan 2001 02:47:11 -0000
Received: from icsa0046 ([216.68.203.183]) by spaceghost.fuse.net (InterMail vK.4.02.00.00 201-232-116 license 55099144ff2ca28e37c1a3433615ef97) with SMTP id <20010102024907.OZDB17981.spaceghost@icsa0046> for ; Mon, 1 Jan 2001 21:49:07 -0500
Message-Id: <3.0.5.32.20010101214615.033d6640@pop.fuse.net>
X-Sender: dmkennedy@pop.fuse.net
X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32)
To: iwar@egroups.com
In-Reply-To: <007101c07429$c7e48fa0$0100000a@fox>
References: <3.0.5.32.20010101134525.030f7e80@pop.fuse.net>
From: David Kennedy CISSP
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
List-Unsubscribe:
Date: Mon, 01 Jan 2001 21:46:15 -0500
Reply-To: iwar@egroups.com
Subject: Re: [iwar] No mass attacks seen yet...
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNED MESSAGE-----
At 05:11 PM 1/1/01 +0200, MAGLAN 1 wrote:
>Except the night of the 30th (Dec. 30, 2000) when 81 Israelis web
>site were defaced (up to now almost 100 !).
>Mass? - At least for the 'Israeli proportions'
At 09:33 PM 1/1/01 +0200, MAGLAN 1 wrote:
>Per the message - Confirmed by whom and how ... Just few :
>1. The official Israeli News channel ('Koal Israel' = the Vice of
>Israel). 2. Israeli Tec news 'Sivan.com', 'Walla.co.il'.
>3. MAGLAN monitoring systems.
>4. As was written by Mr. DeLong before see at
>http://www.attrition.org.
http://www.attrition.org/mirror/attrition/2000/12/29/www.yehud.co.il/
^^^^^^^^^^
Then both the reported date and the characterization as a mass attack
are imprecise. A single server was the victim of a single attack,
presumably by a single person or small group, that it hosted multiple
domains is remarkable, it is certainly no cause for alarm by anyone
other than the victim(s) and is not indicative of widespread (mass)
attacks.
Compare this one server to the results achieved by others, for
example IHA versus various educational domains, in the last several
days, or McM4nus vs banks over the last several weeks.
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.8
Comment: How long has it been since you backed up your hard drive?
iQCVAwUBOlFA8fGfiIQsciJtAQH7OgQAhupJua3jIeRAm5EKhH3BwfjaElTboP8X
nzwYX7f9ZErksuilfR3Fu6sTNxeLl7lisglgSocMuA+Xfxyvi6IljLu1fCrOq647
B0pFj1aRKnPRr3O3CgOcE4qQGjlbN3kxCcAr0ErmDTJ4BE/4vkoo0c0llkFrCAvo
wNFgD4riBik=
=vbim
-----END PGP SIGNATURE-----
--
Regards,
David Kennedy CISSP
Director of Research Services, TruSecure Corp. http://www.trusecure.com
Protect what you connect.
Look both ways before crossing the Net.
------------------
http://all.net/