Return-Path: <sentto-279987-3791-1005061843-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Tue, 06 Nov 2001 07:52:07 -0800 (PST) Received: (qmail 31008 invoked by uid 510); 6 Nov 2001 15:49:47 -0000 Received: from n15.groups.yahoo.com (216.115.96.65) by 204.181.12.215 with SMTP; 6 Nov 2001 15:49:47 -0000 X-eGroups-Return: sentto-279987-3791-1005061843-fc=all.net@returns.groups.yahoo.com Received: from [10.1.4.54] by n15.groups.yahoo.com with NNFMP; 06 Nov 2001 15:50:35 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_0_1); 6 Nov 2001 15:50:42 -0000 Received: (qmail 57005 invoked from network); 6 Nov 2001 15:50:42 -0000 Received: from unknown (216.115.97.167) by m10.grp.snv.yahoo.com with QMQP; 6 Nov 2001 15:50:42 -0000 Received: from unknown (HELO red.all.net) (65.0.156.78) by mta1.grp.snv.yahoo.com with SMTP; 6 Nov 2001 15:50:42 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id fA6FofD16396 for iwar@onelist.com; Tue, 6 Nov 2001 07:50:41 -0800 Message-Id: <200111061550.fA6FofD16396@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Tue, 6 Nov 2001 07:50:41 -0800 (PST) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:NIPC.ADVISORY.01-026] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 8bit ADVISORY 01-026 "Increased Potential for Distributed Denial of Service (DDoS) Attacks" November 02, 2001 The National Infrastructure Protection Center (NIPC) issued Advisory 01-021 on 17 September 2001 concerning "Potential Distributed Denial of Service (DDoS) Attacks." Cyber protests and hacktivist activity have increased since Advisory 01-021 was issued and the potential for targeting U.S. organizations is higher than in September. In the aftermath of the 11 September attacks, hacking groups have formed and participated in pro-U.S. and anti-U.S. cyber activities, fought mainly through web defacements. There has been minimal activity in the form of DDoS attacks, mostly between opposing protesting groups. NIPC has reason to believe that the potential for future DDoS attacks is high. The protesters have indicated they are targeting web sites of the U.S. Department of Defense and organizations that support the critical infrastructure of the United States, but many businesses and other organizations—some completely unrelated to the events—have been victims. In the current situation, infrastructure support systems must take a defensive posture and remain vigilant at a higher state of alert. System administrators are encouraged to check their systems for zombie agent software and ensure they institute best practices such as ingress and egress filtering. A list of best practices is available from the CERT/CC website, located at: <a href="http://www.cert.org/security-improvement">http://www.cert.org/security-improvement>. Recipients of this advisory are encouraged to report computer intrusions to me or NIPC, and to the other appropriate authorities. Incidents may be reported online at <a href="http://www.nipc.gov/incident/cirr.htm">http://www.nipc.gov/incident/cirr.htm>. The NIPC Watch and Warning Unit can be reached at (202) 323-3204/3205/3206 or nipc.watch@fbi.gov. ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:59 PST