alex@Relcom.EU.NET (Alex P. Rudnev) writes:
More interesting could be the _reasons of attacks_.
(through you should divide _before NATA / after NATA bobbings -:) ).
I don't know about other people, CERT?, but I still see the biggest correlation between the school year and attacks. In particular, there still is the September effect (start of the North American school year) and a rise between spring break and the start of finals in May. But that may just be an artifact of my customer base, or I may be missing the signs. No, this is not a request or challenge to test my security. Serbia, china, nato, etc have gotten a bunch of press coverage. But for the most part they vanish into the noise of what goes on every day. If the FBI put up an IRC server, then I would worry and try to get as far away as possible.... I guess we now know why the FBI didn't come to Eugene last week. I found the NIST report on infrastructure attacks interesting because historically phreakers/crackers have rarely gone after the network infrastructure they used. They did go after the billing and fraud systems, but usually left the network elements operating (sometimes with improvements). Since the Internet didn't have billing or fraud systems built into the backbone infrastructure, that eliminated a normally attractive target.
From an operations point of view, are people seeing more attacks on the backbone infrastructure itself than in the past? Sure, routers have fallen over in the past due to denial of service attacks. Which were usually directed at a host system, and the router was just collateral damage. But the only backbone infrastructure I can think of ever being attacked directly was AGIS during the spam years. -- Sean Donelan, Data Research Associates, Inc, St. Louis, MO Affiliation given for identification not representation