| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 08 Oct 2007 17:38:20 -0400
From: Valdis.Kletnieks@...edu
To: worried security <worriedsecurity@...glemail.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: If internet goes down out of hours,
we're screwed
On Mon, 08 Oct 2007 19:55:59 BST, worried security said:
> If you internet goes down out of business hours
> , don't expect anyone to answer you from CERT.
Actually, if "your internet" goes down, you should probably be calling
your ISP, not US-CERT. The vast majority of "down" conditions are networking
issues, not security issues. And if you're being DDoS'ed, you're *still*
going to need to deal with your ISP because some NOC monkey is going to need
to do the mitigation, and the CERT guys aren't going to be able to do anything
for you with that anyhow.
> Email: <mailto:cert@...t.org> (monitored during business hours)
Which is as it should be - if you look at the things that are actually within
their purview, it's reasonable to expect it to *not* be a 24/7 mailbox. There
are *other* venues that deal with the sort of things that happen at 2:30AM and
can't wait until 8AM for resolution, and they *are* monitored 24/7. The mere
fact that you haven't been invited to participate in those venues doesn't mean
they don't exist.
Besides which you overlooked the most obvious point of all:
If your internet is down, you can't e-mail to anybody anyhow.
Content of type "application/pgp-signature" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists