[iwar] [fc:Computer.Security.Advisory.Site.Suffers.Attack]

From: Fred Cohen (fc@all.net)
Date: 2001-12-05 07:27:08

Next message: Fred Cohen: "[iwar] [fc:Attorney.general's.task.force.to.study.computer.terrorism]"
Previous message: Fred Cohen: "[iwar] [fc:EMERGENCY.ALERT:.W32/Goner-A.worm.spreading.widely]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Message-Id: <200112051527.fB5FR8u13204@red.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Precedence: bulk
Date: Wed, 5 Dec 2001 07:27:08 -0800 (PST)
Subject: [iwar] [fc:Computer.Security.Advisory.Site.Suffers.Attack]
Reply-To: iwar@yahoogroups.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Computer Security Advisory Site Suffers Attack 
By Brian McWilliams, Newsbytes, 12/5/2001
<a href="http://www.newsbytes.com/news/01/172687.html">http://www.newsbytes.com/news/01/172687.html>

The Web site of the Computer Emergency Response Team (CERT) is
undergoing a distributed denial of service attack, officials at the
federally funded computer security clearinghouse confirmed today. 
As a result of the attack, the CERT.org site was intermittently
unreachable today for many Internet users. 
CERT, located at Carnegie Mellon University, provides advisories and
other information about security vulnerabilities as well as serving as a
coordination center for reports of security incidents. 
A CERT representative declined to provide details about the nature of
the attack. A new Internet worm known as Goner, which contains a denial
of service component, was not responsible for the attack on CERT.org,
the official added. 
In a denial of service attack, malicious users deploy special tools that
corral numerous compromised computers and create a flood of data that
makes a site unreachable by legitimate users. 
Reports from Internet users suggest the attack appeared primarily to
affect access to the CERT.org site for visitors whose Web page requests
travel over network backbones provided by AT&amp;T. 
A spokesperson for AT&amp;T's global network operations center, however,
said the company was not experiencing any denial of service conditions
anywhere on its network. 
A security expert, who asked not to be identified, said CERT may have
detected that the attack was coming from systems on AT&amp;T's network and
subsequently implemented filters that are blocking all incoming traffic
from AT&amp;T. 
CERT's site is a frequent target for attacks. Last May, the CERT site
was unreachable for several days during a similar denial of service
attack. 
Despite the Web site availability problems today, CERT continues to
process incident and vulnerability reports, according to the
representative. A document on the Goner worm was posted at the CERT site
today. 
Separately, the operators of Safemode.org, which archives Web page
defacements, said their site was back online this week after denial of
service attacks knocked it off the Internet for several months. 
CERT is on the Web at http://www.cert.org . 
Safemode is at http://www.safemode.org .

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/

Next message: Fred Cohen: "[iwar] [fc:Attorney.general's.task.force.to.study.computer.terrorism]"
Previous message: Fred Cohen: "[iwar] [fc:EMERGENCY.ALERT:.W32/Goner-A.worm.spreading.widely]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.2 : 2001-12-31 21:00:00 PST