Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog - Weekend blues InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Weekend blues

Published: 2006-10-08
Last Updated: 2006-10-08 21:20:11 UTC
by Swa Frantzen (Version: 1)
0 comment(s)

While weekends in general are kinda slow in security news, there seems to be somewhat of an opposite trend on the side of those who attack us.

  • Email spammers seen to be more active during weekend
  • Forum/feedback spammers seem to be on the same page
  • The iframe gang seems to start their campaigns on Fridays
  • New exploits typically are usedin the wild on Friday afternoon/nights

Why the bad guys do this is easy: it slows us defenders down to have to take countermeasures during the weekend.

So if there is a lesson to learn, it's to make sure our defences during the weekend are up to speed. Yet even if we do have experienced staff in place, those laptops e.g. are still outside of their protective perimeter, possible even used for (mostly?) non-professional activity.

Keeping our defenses up to speed means also even for small companies to be reachable towards our ISP, and the world at large if you have anything that's connected to the Internet: if one of our servers gets abused and is used to attack otheers we need to be able to take action on the problem we're causing.

--
Swa Frantzen -- Section 66

Keywords:
0 comment(s)
Diary Archives