[26968] in North American Network Operators' Group
Re: early warning mailing list?
daemon@ATHENA.MIT.EDU (Sean Donelan)
Wed Feb 2 21:37:04 2000
Date: 2 Feb 2000 18:35:18 -0800
Message-ID: <20000203023518.6980.cpmta@c004.sfo.cp.net>
Content-Type: text/plain
Content-Disposition: inline
Mime-Version: 1.0
To: goemon@sasami.anime.net
From: Sean Donelan <sean@donelan.com>
Cc: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, 02 February 2000, Dan Hollis wrote:
> Is there an 'early warning' mailing list for up-to-the-minute alerts
> about in-progress DoS attacks, portscanning, etc?
The for-profit security companies, e.g. McAfee, Computer Associates,
Symantec; frequently issue alerts via Businesswire and PR Newswire. They
seem to compete with each other on who can get a press release out first.
Although its not real-time, the NIPC puts out CyberNotes every two weeks.
Its a good summary of what's happening. Look in publications on the
http://www.nipc.gov/ web site.
There are a number of real-time intrusion detection projects underway. The
good ones seem to fade in and out, and focused on a single customer base. But
I'm not aware of any which feed real-time reports to a public list, such as
the case for spam hunters.
