posted Monday, January 27, 2003 at 3:05 pm MST
Addenda to the M$ $QL 1434 attack:
* Distributed Intrusion Detection System presents a very informative homepage.
* netsys.com hosts "Full Disclosure", a security oriented list.
* CERT/CC and the Electronic Industries Alliance have joined to form the Internet Security Alliance.
* from SecurityFocus 7JAN03: "Closing the Floodgates: DDoS Mitigation Techniques". "To be on the receiving end of a distributed denial of service (DDoS) attack is a nightmare scenario [...] It begins instantly, without warning, and continues relentlessly [...] An effective, immediate response is often difficult and may depend on third parties, such as ISPs." (The "related articles" on this page includes such as "Characterizing and Tracing Packet Floods Using Cisco Routers" [PDF])
* by UW's David Dittrich (an armload of forensic links here), the mother of all DDoS pages: DDoS Attacks / Tools
* Bill Wall's list of computer hacker incidents (thanks to DaD for this)
* at itworld.com, the Unix Security Newsletter; "Unix is lauded for its flexibility and openness. However, vulnerabilities in standard configurations can make Unix systems susceptible to security threats." (This is the archives, stopping at SEP02 ... the list is defunct? Security Strategies is up to date.)