[iwar] [fc:NIPC.advisory:."Potential.Distributed.Denial.of.Service.(DDoS).Attacks"]

• Next message: Fred Cohen: "[iwar] [fc:Were.Terrorists.Short-Selling?]"
• Previous message: Robert W. Miller: "[iwar] FW: America - Infrastructure Risk"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Return-Path: <sentto-279987-2003-1000803222-fc=all.net@returns.onelist.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Tue, 18 Sep 2001 01:55:08 -0700 (PDT)
Received: (qmail 7413 invoked by uid 510); 18 Sep 2001 08:53:57 -0000
Received: from n22.groups.yahoo.com (216.115.96.72) by 204.181.12.215 with SMTP; 18 Sep 2001 08:53:57 -0000
X-eGroups-Return: sentto-279987-2003-1000803222-fc=all.net@returns.onelist.com
Received: from [10.1.4.56] by cj.egroups.com with NNFMP; 18 Sep 2001 08:53:43 -0000
X-Sender: fc@big.all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-7_3_2_2); 18 Sep 2001 08:53:41 -0000
Received: (qmail 53897 invoked from network); 18 Sep 2001 05:22:00 -0000
Received: from unknown (10.1.10.27) by l10.egroups.com with QMQP; 18 Sep 2001 05:22:00 -0000
Received: from unknown (HELO big.all.net) (65.0.156.78) by mta2 with SMTP; 18 Sep 2001 05:22:00 -0000
Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id WAA25460 for iwar@onelist.com; Mon, 17 Sep 2001 22:21:59 -0700
Message-Id: <200109180521.WAA25460@big.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Mon, 17 Sep 2001 22:21:59 -0700 (PDT)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] [fc:NIPC.advisory:."Potential.Distributed.Denial.of.Service.(DDoS).Attacks"]
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

National Infrastructure Protection Center

"Potential Distributed Denial of Service (DDoS) Attacks"

Advisory 01-021

17 September 2001

The National Infrastructure Protection Center (NIPC) expects an increase
in Distributed Denial of Service (DDoS) attacks.
NIPC Advisory 01-020, "Increased Cyber Awareness" dated September 14,
2001 warned of threatened vigilante hacking activity
against organizations associated with the perceived perpetrators of the
September 11, 2001 terror attacks.

On September 12, 2001, a group of hackers named the Dispatchers claimed
they had already begun network operations against
information infrastructure components such as routers. The Dispatchers
stated they were targeting the communications and
finance infrastructures. They also predicted that they would be prepared
for increased operations on or about Tuesday,
September 18, 2001.

There is the opportunity for significant collateral damage to any
computer network and telecommunications infrastructure
that does not have current countermeasures in place. The Dispatchers
claim to have over 1,000 machines under their control
for the attacks. It is likely that the attackers will mask their
operations by using the IP addresses and pirated systems
of uninvolved third parties.

System administrators are encouraged to check their systems for zombie
agent software and ensure they institute best
practices such as ingress and egress filtering. The NIPC has made
available the "Find DDoS" tool to determine if your
computer has been infected by the most common DDoS agents. The tool may
be downloaded from the following website:

<a href="http://www.nipc.gov/warnings/advisories/2000/00-055.htm">http://www.nipc.gov/warnings/advisories/2000/00-055.htm>.

Additionally, a list of best practices is available from the CERT/CC
website, located at:

<a href="http://www.cert.org/security-improvement">http://www.cert.org/security-improvement>.

Recipients of this advisory are encouraged to report computer intrusions
to me at either the email address or telephone
number below, or NIPC, and to other appropriate authorities. Incidents
may be reported online at
<a href="http://www.nipc.gov/incident/cirr.htm">http://www.nipc.gov/incident/cirr.htm>. The NIPC Watch and Warning Unit
can be reached at (202) 323-3204/3205/3206 or
nipc.watch@fbi.gov.

    Recipients of this message are authorized to forward this Advisory
to associates within your organization, as well as
others deemed appropriate.

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Secure all your Web servers now: Get your FREE Guide and learn to: DEPLOY THE LATEST ENCRYPTION,
DELIVER TRANSPARENT PROTECTION, and More!
http://us.click.yahoo.com/k0k.gC/nT7CAA/yigFAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 

• Next message: Fred Cohen: "[iwar] [fc:Were.Terrorists.Short-Selling?]"
• Previous message: Robert W. Miller: "[iwar] FW: America - Infrastructure Risk"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:44 PDT