Home page logo

isn logo Information Security News mailing list archives

"Potential Distributed Denial of Service (DDoS) Attacks"
From: InfoSec News <isn () c4i org>
Date: Tue, 18 Sep 2001 03:05:07 -0500 (CDT)



"Potential Distributed Denial of Service (DDoS) Attacks "

The National Infrastructure Protection Center (NIPC) expects an
increase in Distributed Denial of Service (DDoS) attacks. NIPC
Advisory 01-020, "Increased Cyber Awareness" dated September 14, 2001
warned of threatened vigilante hacking activity against organizations
associated with the perceived perpetrators of the September 11, 2001
terror attacks.

On September 12, 2001, a group of hackers named the Dispatchers
claimed they had already begun network operations against information
infrastructure components such as routers. The Dispatchers stated they
were targeting the communications and finance infrastructures. They
also predicted that they would be prepared for increased operations on
or about Tuesday, September 18, 2001.

There is the opportunity for significant collateral damage to any
computer network and telecommunications infrastructure that does not
have current countermeasures in place. The Dispatchers claim to have
over 1,000 machines under their control for the attacks. It is likely
that the attackers will mask their operations by using the IP
addresses and pirated systems of uninvolved third parties.

System administrators are encouraged to check their systems for zombie
agent software and ensure they institute best practices such as
ingress and egress filtering. The NIPC has made available the "Find
DDoS" tool to determine if your computer has been infected by the most
common DDoS agents. The tool may be downloaded from the following


Additionally, a list of best practices is available from the CERT/CC
website, located at: http://www.cert.org/security-improvement. 

Recipients of this advisory are encouraged to report computer
intrusions to their local FBI office


or the NIPC, and to the other appropriate authorities. Incidents may
be reported online at http://www.nipc.gov/incident/cirr.htm. The NIPC
Watch and Warning Unit can be reached at (202) 323-3204/3205/3206 or
nipc.watch () fbi gov 


ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.

  By Date           By Thread  

Current thread:
  • "Potential Distributed Denial of Service (DDoS) Attacks" InfoSec News (Sep 18)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]