funsec mailing list archives
Re: 'Cyber Attack' Aimed At Texas Electricity Provider
From: "Jeff Kell" <Jeff-Kell () utc edu>
Date: Sun, 04 Apr 2010 13:13:30 -0400
Sorry for top-post, I'm relegated to webmail for the moment... :-( -----Original Message----- From: Valdis.Kletnieks () vt edu
If I had a nickel for every ssh woodpecker we see, I could retire to a bungalow on a nice beach somewhere in the cheaper part of the Pacific Rim. If I counted the ones we *don't* see because we don't even bother logging them, I'd probably have a McMansion on the expensive side of the Pacific Rim. ;)
Amen to that. Depending on the size of your internet-facing netblocks, this gets out of hand real fast. The counts might be interesting for metrics or powerpoint slides as a measure of such activity, but get out of hand real quickly (though probably sells a lot of SIEM SAN storage). Reminds me of the userland "firewalls" a few years back that would throw together a nice abuse@ report for such "unsolicted attack" behavior. IWF ring any bells? :-) Jeff _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- 'Cyber Attack' Aimed At Texas Electricity Provider Paul Ferguson (Apr 03)
- Re: 'Cyber Attack' Aimed At Texas Electricity Provider Blue Boar (Apr 03)
- Re: 'Cyber Attack' Aimed At Texas Electricity Provider Joel Esler (Apr 04)
- Re: 'Cyber Attack' Aimed At Texas Electricity Provider Valdis . Kletnieks (Apr 04)
- Re: 'Cyber Attack' Aimed At Texas Electricity Provider Rich Kulawiec (Apr 06)
- <Possible follow-ups>
- Re: 'Cyber Attack' Aimed At Texas Electricity Provider Jeff Kell (Apr 04)
- Re: 'Cyber Attack' Aimed At Texas Electricity Provider Blue Boar (Apr 03)