On 5/23/07, ge@linuxbox.org <ge@linuxbox.org> wrote:
I just now got from a 6 hours beer fest with ISP/CERT/military/etc. guys who have been working on these attacks on Estonian infrastructure for the past 3 weeks here in Tallinn.. so if I make less sense than usual, please forgive me. Beer good.
Sitting with these folks for the past week, I got so impressed with the abuse handling work they are doing that even I, who had a very negative opinion of Estonia and cyber-crime, completely changed my mind.
Their CERT is *extremely* responsive, their ISPs are all talking and cooperating on abuse and security (and drinking beer). Things are very different from what they were even just a year ago. Even their Police force is clued.
If anyone has issues in Estonia, I'd strongly urge you to contact the Estonian CERT at www.cert.ee, and you most likely won't get disappointed. A lot of good people over here.
Gadi.
How serious was the attack really? The national press reporting was either nonexistent or hysterical (Cyberwar! Woo!), but it didn't disturb anyone to post to NANOG at any point, and it does not seem to have had any measurable real-world consequences. Was this because a) it wasn't really that serious, b) it was serious but mitigation was successful, or c) being well-mitigated (BCP38 and the like) from the word go, its seriousness or otherwise wasn't obvious?