Any network ops from the major providers care to comment on what they're seeing? Not seeing much discussion about this NIPC alert through overt or back-channels, I'm tempted to place this in the FUDDY fear-mongering category under Homeland Security Color Code Fuschia. <SATIRE> Let's think for a moment - there's not been much activity on the "cyber" side of Homeland Hysteria -- er, Homeland Security -- as of late, so perhaps they wanted to let the world know that "cyber" folks were still a part of the game....? I mean, this *is* the same entity - America's self-monikered cybercrime agency - that announced the Melissa virus with this on their website: http://www.infowarrior.org/articles/NIPC.jpg. It took them several hours to revise the page, by which time we had already received detailed warnings, signatures, and remediation guidance from any number of other sources. These guys were the laughing stock of the security community. </SATIRE> If NIPC hascredible, specific information, they should release it. Otherwise they should keep their mouths shut. Technology operations folks have enough things to worry about during the day - from getting the latest Mickeysoft patches deployed to resetting the bumbling executive's passwords to uploading revised routes onto a Cisco on a longhaul backbone to support a new customer -- they don't have time to be "extra vigilant" for shadowy alerts of potential attack-type events that might happen tonight - but might not - we're not really sure, but be on guard anyway. (okay, maybe I wasn't quite done with satire yet.) Memo to NIPC: Give us real, useful information, not this piecemeal drivel that doesn't do anything but cover your tail -- if something happens, we all know you can defend yourself and truthfully proclaim "we did post a warning" - despite its questionable value to your intended audience. This sort of game might be acceptable in the 'traditional' security and intelligence community, but the private sector won't pay it much attention when they have other, more pressing, more current problems that they ALREADY KNOW ABOUT, security or otherwise. Incidentially, state and local law enforcement feel the same way about the repeated FBI terror alerts that essentially say "something might happen sometime in the future, so stay on alert".....these local police entities must contend with violent crime, drugs, gangs, and KNOWN problems affecting their constituiencies and communities on a daily basis -- they'll give more attention to those day-to-day hometown issues than vague alerts of potential gloom and doom in the potential future based on potentially unconfirmed information. </RANT> Bah. In the interests of bandwidth conservation on the list, comments welcomed off-line. I need more coffee.... rick infowarrior.org
From: "Al Rowland" <alan_r1@corp.earthlink.net> Date: Tue, 6 Aug 2002 10:27:56 -0700 To: <nanog@merit.edu> Subject: RE: U.S. monitoring Internet attacks (fwd)
FUD from Washington. No, that never happens.
Or perhaps Victoria's Secret had another webcast. ;) End satire.
Best regards, _________________________ Alan Rowland
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Christopher X. Candreva Sent: Tuesday, August 06, 2002 10:04 AM To: nanog@merit.edu Subject: U.S. monitoring Internet attacks (fwd)
Anyone have any specifics on this ? I haven't seen anything.
From the Aug 6 2002 Chicago Tribune -- http://www.chicagotribune.com/technology/sns-internetattack.story
U.S. monitoring Internet attacks By Ted Bridis
WASHINGTON -- The government was monitoring a series of electronic attacks launched early today against U.S. Internet providers, hours after European authorities passed warnings to the FBI predicting the attacks.
The impact from the attacks appeared limited, and there were no reports of outages or even delayed e-mails.
A flood of data, spiking nearly 700 percent more than usual traffic, was aimed at Internet providers and Web sites on the East coast starting about 2 a.m. EDT, then shifted toward providers and sites on the West coast, said a U.S. official, speaking on condition of anonymity.
But unlike some recent so-called "denial of service" attacks, which employed hundreds or thousands of computers to overwhelm Web sites, this latest attack appeared to be coming from a relatively small number of machines, the official said. That has allowed Internet providers to protect their networks more easily by filtering data from the attacking computers.
The FBI issued a dramatic warning hours before the attacks started, based on information from Italian authorities, the U.S. official said. The alert cited "credible but non-specific information that wide-scale hacker attacks" were planned against U.S. Web sites and Internet providers, "possibly emanating from Western Europe."
The earliest attacks targeted East Coast companies, including some in Virginia and Maryland, then shifted to target sites in Seattle, the official said. The White House and FBI's National Infrastructure Protection Center were monitoring the attacks.
Some experts indicated the attacks were so easily foiled that they did not register any impact on the health of the Internet.
"We haven't seen anything out of the ordinary," said Chris Rouland of Atlanta-based Internet Security Systems Inc., which sells protective software to thousands of companies. "We're paying attention to any sites that may go down."
Copyright 2002, The Associated Press