North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Fw: NIPC Advisory 01-021, "Potential DDoS Attacks"
----- Original Message ----- From: "VanMeter, John" <John.VanMeter@ost.dot.gov> To: "Incidents (E-mail)" <INCIDENTS@SECURITYFOCUS.COM> Sent: Tuesday, September 18, 2001 4:12 AM Subject: NIPC Advisory 01-021, "Potential DDoS Attacks" > > > National Infrastructure Protection Center > "Potential Distributed Denial of Service (DDoS) Attacks" > Advisory 01-021 > 17 September 2001 > > The National Infrastructure Protection Center (NIPC) expects an increase in > Distributed Denial of Service (DDoS) attacks. NIPC Advisory 01-020, > "Increased Cyber Awareness" dated September 14, 2001 warned of threatened > vigilante hacking activity against organizations associated with the > perceived perpetrators of the September 11, 2001 terror attacks. > On September 12, 2001, a group of hackers named the Dispatchers claimed they > had already begun network operations against information infrastructure > components such as routers. The Dispatchers stated they were targeting the > communications and finance infrastructures. They also predicted that they > would be prepared for increased operations on or about Tuesday, September > 18, 2001. > There is the opportunity for significant collateral damage to any computer > network and telecommunications infrastructure that does not have current > countermeasures in place. The Dispatchers claim to have over 1,000 machines > under their control for the attacks. It is likely that the attackers will > mask their operations by using the IP addresses and pirated systems of > uninvolved third parties. > System administrators are encouraged to check their systems for zombie agent > software and ensure they institute best practices such as ingress and egress > filtering. The NIPC has made available the "Find DDoS" tool to determine if > your computer has been infected by the most common DDoS agents. The tool > may be downloaded from the following website: > http://www.nipc.gov/warnings/advisories/2000/00-055.htm. > Additionally, a list of best practices is available from the CERT/CC > website, located at: > http://www.cert.org/security-improvement. > Recipients of this advisory are encouraged to report computer intrusions to > their local FBI office > (http://www.fbi.gov/contact/fo/fo.htm) or the NIPC, and to the other > appropriate authorities. Incidents may be reported online at > http://www.nipc.gov/incident/cirr.htm. The .NIPC Watch and Warning Unit > can be reached at (202) 323-3204/3205/3206 or firstname.lastname@example.org. > > > > > ---------------------------------------------------------------------- ------ > This list is provided by the SecurityFocus ARIS analyzer service. > For more information on this free incident handling, management > and tracking system please see: http://aris.securityfocus.com > >