Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Internet Security | DShield SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
DHS "Spam" List

The US Department of Homeland Security sends out a daily Open Source Intelligence Report to a subscription list of hundreds, perhaps thousands of recipients.  This morning a reader replied to the list address with a request for a change and his note got re-sent to all of the list subscribers.  In the next hour or so, dozens of readers have replied, creating a mini-DDoS of sorts to the subscriber's inboxes.  This points out an important point - if you maintain a broadcast mailing list make sure that the address will not reflect email from sources other than the owner of the list.  Otherwise, you will become a training example for SANS.

While this is not a Cyber Security Awareness tip, it comes mighty close.

(DHS has been notified.)

Marcus H. Sachs
Director, SANS Internet Storm Center


301 Posts
ISC Handler
Oct 3rd 2007

Sign Up for Free or Log In to start participating in the conversation!