Threat Level: green Handler on Duty: Remco Verhoef

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2006-02-06 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

CAIDA Report on Blackworm

Published: 2006-02-06
Last Updated: 2006-02-06 19:08:32 UTC
by Marcus Sachs (Version: 1)
0 comment(s)
An analysis by David Moore and Colleen Shannon at CAIDA of the spread of the Nyxem (or Blackworm or Kama Sutra or MyWife or CME 24) Virus in January and early February 2006 is available from their web site.  This is a very nice analysis with descriptions, charts, graphs, and figures.

Keywords:
0 comment(s)

Cyber Storm Exercise

Published: 2006-02-06
Last Updated: 2006-02-06 15:31:14 UTC
by Marcus Sachs (Version: 1)
0 comment(s)
We've had a few readers write to us asking about the US Department of Homeland Security's Cyber Storm exercise.  Right up front we should remind everybody that the DHS will not be firing cyber bullets at your networks this coming week.  The exercise is scenario-driven and is designed to test the intercommunication capabilities and response procedures for several agencies and some private sector companies.  More details are contained in a Federal Computer Week article published last week.  No information is available yet from the DHS public web site, but if we find out more we'll post the links.

Keywords:
0 comment(s)

DShield is Famous

Published: 2006-02-06
Last Updated: 2006-02-06 15:29:07 UTC
by Marcus Sachs (Version: 1)
0 comment(s)
A little over a week ago the President of the United States visited the National Security Agency in Ft. Meade, Maryland.  The visit came on the heels of allegations that domestic eavesdropping laws were broken, and that the administration had exceeded its authorized powers.  We aren't going to pick sides on that one but there was a really nice photo that showed up in the Washington Post as part of the story that we should all be proud of.  When I first saw it, I thought:

Super-secret spy agency sensor grid - $Billions
Security for a visit from the President of the United States - $Millions
Showing the President that your prime source of information is a bunch of volunteers - PRICELESS!

See the photo or read the article.  The image you see behind the NSA Director is the Talisker Security Wizardry Portal, which includes the DShield world map along with other security information.

By the way, that DShield image doesn't just get there by magic.  It's the result of thousands of volunteers around the globe running sensors that feed information about data flows to a central database repository.  From there, DShield can detect early indications of new threat tools, worm activity, and other malicious trends.  It's no wonder that the NSA likes showing it off to the President!  But to make it work we need more volunteers.  Even if all you have access to is a SOHO router in your house you can probably submit logs to DShield.  Instructions are online at DShield and if you have any questions please drop us a note via our contact form.

Can you tell that Sunday was a slow day?  I suppose that everybody was preparing for the Super Bowl or recovering from the five computers affected by the CME-24 virus on Friday. 

That's OK.  We needed the breather.


Marcus H. Sachs
Handler of the Day

Keywords:
0 comment(s)
Diary Archives