H went down.

Published: 2010-10-03
Last Updated: 2011-01-24 23:33:51 UTC
by Adrien de Beaupre (Version: 1)
2 comment(s)

Well, the bad news is that the H root servers were not available for over 18 hours. The good news is that practically nobody noticed. As it turns out, a fiber cut and poor weather took out access to this cluster of root DNS servers. https://lists.dns-oarc.net/pipermail/dns-operations/2010-October/006142.html shows the explanation for the outage. While the outage had no direct impact on Internet users, it does point out the necessity of proper design for redundancy. Graph of the H availability:

Cheers,
Adrien de Beaupré
Intru-shun.ca Inc.


Cyber Security Awareness Month - Day 3 - Recognizing phishing and online scams

Published: 2010-10-03
Last Updated: 2011-01-24 23:33:07 UTC
by Adrien de Beaupre (Version: 2)
4 comment(s)

On day 3 of Cyber Security Awareness Month 2010 the topic is Recognizing phishing and online scams, which makes for an interesting discussion. For example, would phishers still bother if no one clicked and freely entered their credit card and personal information? Would 419 scammers bother if no one responded to their messages? Since there is a profit motive behind the miscreants' actions, if there were a diminishing return, or the actual possibility of prosecution, would we continue to see so many of their emails and web sites? Philosophical questions aside, in order to reduce the harm done by scammers and phishers, the people receiving the bait need to be able to recognize the messages as such and not respond or click.

Don't click or respond to the following:

  • If it sounds too good to be true, it is.
  • If the message does not appear authentic, it probably isn't.
  • Does the content of the message appear in search engine results?
  • If you hover your mouse over the link does your browser or security software silently scream at you?
  • Seeing silly typos, formatting, or grammatical errors a professional would not make.
  • If the message asks you to send your information to them, rather than the other way around.
  • If you don't have an account with the company supposedly sending the email!

Here are some useful links:

  • http://www.microsoft.com/protect/fraud/phishing/symptoms.aspx
  • http://www.us-cert.gov/reading_room/emailscams_0905.pdf
  • http://www.gongol.com/howto/recognizephishing/
  • http://www.surfnetkids.com/safety/how_to_recognize_phishing-21760.htm

This is just a start; please send in your suggestions on ways to avoid falling for scammers by recognizing the signs.

Update: Leigh sent in the following quiz to assist in detecting phishing/scams:

http://www.ballarat.edu.au/aasp/is/ict/security/security_challenge.shtml

Cheers,
Adrien de Beaupré
Intru-shun.ca Inc.

 


Canada's Cyber Security Strategy released today

Published: 2010-10-03
Last Updated: 2011-01-24 23:32:23 UTC
by Adrien de Beaupre (Version: 1)
2 comment(s)

Public Safety Canada released their version of a Cyber Security Strategy today. My first impression is that the document is a good start, albeit a bit late. It does demonstrate that the government is trying to show leadership in this area, which is a good thing. What the strategy document lacks is the pragmatic plan and specific steps required to implement it. The document will also serve as the report card for Canadians to evaluate the progress of the various departments that currently handle aspects of cyber security within the levels of government, particularly Public Safety. Twelve months from now, all of the items in their strategy should be reality. Each of the three primary areas the strategy covers is equally important in the long term, and requires a significant investment in time, funding, cooperation, partnerships, and leadership. Government systems, applications, and networks must be secured. New and better partnerships must be created with all stakeholders in the private and public sectors. The public have the right to expect both guidance and assistance in securing their home computers and identities.

I believe that this truly underscores the need for a national CIRT/CERT in Canada, an organization that can help Canada meet these requirements and follow the steps as laid out in the strategy, as unfortunately it does not currently exist.

It is a step in the right direction; however, many more are required.

The strategy is outlined here:
http://www.publicsafety.gc.ca/prg/em/cbr/ccss-scc-eng.aspx

Tell us what you think, or comment below!


Cheers,
Adrien de Beaupré, Handler, SANS Internet Storm Center
Senior IT Security Consultant
Intru-shun.ca Inc.


Comments

What's this all about ..?
password reveal .
a fake TeamViewer page, and that page led to a different type of malware. This week's infection involved a downloaded JavaScript (.js) file that led to Microsoft Installer packages (.msi files) containing other script that used free or open source programs.
distribute malware. Even if the URL listed on the ad shows a legitimate website, subsequent ad traffic can easily lead to a fake page. Different types of malware are distributed in this manner. I've seen IcedID (Bokbot), Gozi/ISFB, and various information stealers distributed through fake software websites that were provided through Google ad traffic. I submitted malicious files from this example to VirusTotal and found a low rate of detection, with some files not showing as malware at all. Additionally, domains associated with this infection frequently change. That might make it hard to detect.