Fwd: Latest CERT/CC attack trends

From: Kastenholz, Frank (FKastenholz@unispherenetworks.com)
Date: Wed Apr 10 2002 - 08:47:28 EDT


there is some stuff of interest to this community
in the cert publication.

Frank Kastenholz

>From: Sean Donelan <sean@donelan.com>
>To: nanog@merit.edu
>Subject: Latest CERT/CC attack trends
>
>CERT/CC has published a paper on the latest trends in malicious
>attacks (not accidents, operator error, etc) on the Internet.
>http://www.cert.org/archive/pdf/attack_trends.pdf
>
>CERT/CC identifies four increasing trends affecting the network
>infrastructure:
> 1. Distributed Denial of Service - From an infrastructure point
> of view this is a resource exhaustion issue (bandwidth, arp
> tables, cpu, etc)
> 2. Worms - Really a vector rather than a different attack, how the
> attack payload is delivered
> 3. Attacks on the Domain Name System - Registry security, cache issues
> at all levels, out of date server software
> 4. Attacks against or using routers - Transitive trust issues,
> control/data seperation, poorly secured routers used as attack
> platforms

==================================================
My preferrred signature is:
        This information is for the sole use of
        whoever receives it and may contain confusing,
        enlightening, enraging, entertaining,
        irritating, or just plain stupid information,
        including without limitation, double-secret-
        probation information belonging to [CENSORED
        BY THE NSA/FBI/MOUSE]. Any unauthorized review,
        use, disclosure, or distribution outside of an
        establishment serving alchohol is prohibited on
        days that do not end in Y.
But our ******'d lawyers would rather have:

=======================================
This email message is for the sole use of the intended recipient (s) and may
contain confidential and privileged information, including without
limitation, Confidential and/or Proprietary Information belonging to
Unisphere Networks, Inc. Any unauthorized review, use, disclosure or
distribution is prohibited. If you are not the intended recipient, please
contact the sender by reply email and destroy all copies of the original
message.



This archive was generated by hypermail 2b29 : Mon Aug 04 2003 - 04:10:04 EDT