Re: Slate Podcast on Estonian DOS atatck

["Alexander Harrowell" <a.harrowell () gmail com>]

On 5/23/07, ge () linuxbox org <ge () linuxbox org> wrote:
> I just now got from a 6 hours beer fest with ISP/CERT/military/etc. guys
> who have been working on these attacks on Estonian infrastructure for the past 3 weeks here in
> Tallinn.. so if I make less sense than usual, please forgive me. Beer
> good.
>
> Sitting with these folks for the past week, I got so impressed with the
> abuse handling work they are doing that even I, who had a very negative opinion
> of Estonia and cyber-crime, completely changed my mind.
>
> Their CERT is *extremely* responsive, their ISPs are all talking and
> cooperating on abuse and security (and drinking beer). Things are very
> different from what they were even just a year ago. Even their Police
> force is clued.
>
> If anyone has issues in Estonia, I'd strongly urge you to contact the
> Estonian CERT at www.cert.ee, and you most likely won't get
> disappointed. A lot of good people over here.
>
>         Gadi.

How serious was the attack really? The national press reporting was
either nonexistent or hysterical (Cyberwar! Woo!), but it didn't
disturb anyone to post to NANOG at any point, and it does not seem to
have had any measurable real-world consequences.

Was this because a) it wasn't really that serious, b) it was serious
but mitigation was successful, or c) being well-mitigated (BCP38 and
the like) from the word go, its seriousness or otherwise wasn't
obvious?