Return-Path: <sentto-279987-4022-1007566026-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Wed, 05 Dec 2001 07:28:07 -0800 (PST) Received: (qmail 20655 invoked by uid 510); 5 Dec 2001 15:27:29 -0000 Received: from n2.groups.yahoo.com (216.115.96.52) by all.net with SMTP; 5 Dec 2001 15:27:29 -0000 X-eGroups-Return: sentto-279987-4022-1007566026-fc=all.net@returns.groups.yahoo.com Received: from [216.115.97.166] by n2.groups.yahoo.com with NNFMP; 05 Dec 2001 15:27:06 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_1_2); 5 Dec 2001 15:27:06 -0000 Received: (qmail 59681 invoked from network); 5 Dec 2001 15:27:05 -0000 Received: from unknown (216.115.97.167) by m12.grp.snv.yahoo.com with QMQP; 5 Dec 2001 15:27:05 -0000 Received: from unknown (HELO red.all.net) (12.232.125.69) by mta1.grp.snv.yahoo.com with SMTP; 5 Dec 2001 15:27:05 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id fB5FR8u13204 for iwar@onelist.com; Wed, 5 Dec 2001 07:27:08 -0800 Message-Id: <200112051527.fB5FR8u13204@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Wed, 5 Dec 2001 07:27:08 -0800 (PST) Subject: [iwar] [fc:Computer.Security.Advisory.Site.Suffers.Attack] Reply-To: iwar@yahoogroups.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Computer Security Advisory Site Suffers Attack By Brian McWilliams, Newsbytes, 12/5/2001 <a href="http://www.newsbytes.com/news/01/172687.html">http://www.newsbytes.com/news/01/172687.html> The Web site of the Computer Emergency Response Team (CERT) is undergoing a distributed denial of service attack, officials at the federally funded computer security clearinghouse confirmed today. As a result of the attack, the CERT.org site was intermittently unreachable today for many Internet users. CERT, located at Carnegie Mellon University, provides advisories and other information about security vulnerabilities as well as serving as a coordination center for reports of security incidents. A CERT representative declined to provide details about the nature of the attack. A new Internet worm known as Goner, which contains a denial of service component, was not responsible for the attack on CERT.org, the official added. In a denial of service attack, malicious users deploy special tools that corral numerous compromised computers and create a flood of data that makes a site unreachable by legitimate users. Reports from Internet users suggest the attack appeared primarily to affect access to the CERT.org site for visitors whose Web page requests travel over network backbones provided by AT&T. A spokesperson for AT&T's global network operations center, however, said the company was not experiencing any denial of service conditions anywhere on its network. A security expert, who asked not to be identified, said CERT may have detected that the attack was coming from systems on AT&T's network and subsequently implemented filters that are blocking all incoming traffic from AT&T. CERT's site is a frequent target for attacks. Last May, the CERT site was unreachable for several days during a similar denial of service attack. Despite the Web site availability problems today, CERT continues to process incident and vulnerability reports, according to the representative. A document on the Goner worm was posted at the CERT site today. Separately, the operators of Safemode.org, which archives Web page defacements, said their site was back online this week after denial of service attacks knocked it off the Internet for several months. CERT is on the Web at http://www.cert.org . Safemode is at http://www.safemode.org . ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-12-31 21:00:00 PST