Please make sure that if you are running Cisco Routers that you have set: ip no directed-broadcast on all of your interfaces. Also make sure that you are doing proper filtering outbound at your border router(s) to prevent source address spoofing. System scanner that searches for trin00 and other distributed denial of service attack tools. http://www.fbi.gov/nipc/trinoo.htm I do not personally like the idea of running untested binaries from the FBI on my computers. But that is just how I am. You make the call. CenterTrack, the tool that Internet Service Providers will use to find the source of forged IP packets employed in distributed denial of service attacks. http://www.nanog.org/mtg-9910/robert.html At least two other sites have been the targets of distributed denial of service (DDOS) attacks similar to the one that plagued Yahoo on Monday. DDOS attacks flood sites with traffic from a variety of locations, often causing the sites to shut down. http://dailynews.yahoo.com/h/nm/20000208/ts/tech_hackers_1.html At the Northern California branch of Sandia National Laboratory, computer security students are learning to defeat computer attacks, and sharing their work on the Internet. http://washingtonpost.com/wp-srv/WPlate/2000-02/05/078l-020500-idx.html Many e-commerce businesses lack comprehensive security policies, and IT managers are less confident in the security of their systems than are company executives, according to a recent study by Deloitte Touche Tohmatsu and the Information Systems Audit and Control Association (ISACA) http://www.currents.net/newstoday/00/02/04/news17.html Some web based shopping cart applications could allow malicious shoppers to alter fields in HTML forms and in URLs to change the price of items they are buying. Eight of the eleven identified vulnerable shopping applications have been altered to increase security. http://www.computerworld.com/home/print.nsf/all/000202E636 http://www.usatoday.com/life/cyber/nb/nb2.htm http://www.theregister.co.uk/000203-000006.html At least two fraudulent web sites purporting to be related to Alaska Airlines Flight 261 have popped up on the Internet. At least one is trying to solicit donations and it spreads a virus to site visitors; another was shut down. Alaska Airlines is trying to find out who set up the phony sites; their official site, which contains Flight 261 information, is www.alaskaair.com. http://www.usatoday.com/life/cyber/tech/cth273.htm http://www.currents.net/newstoday/00/02/04/news7.html Government systems security and encryption validation standards have been updated. Revisions include removal of redundant information and the addition of a section on surviving cyber attacks. http://www.gcn.com/vol1_no1/daily-updates/1236-1.html The US's reliance on information technology is both an asset and a liability. The technology of information warfare can magnify the range and effect of a single attacker, according to the directors of the CIA and the DIA (Defense Intelligence Agency). Intelligence suggests that Middle East terrorist groups are using computers and encryption. Most adversaries, however, are not sophisticated enough to launch a comprehensive information systems attack. http://www.currents.net/newstoday/00/02/03/news19.html A security hole in Microsoft's Java virtual machine could allow attackers to lift files from computers by inserting code into a Java applet and them embedding it in a web page. http://www.zdnet.com/zdnn/stories/news/0,4586,2431555,00.html The Electronic Frontier Foundation (EFF), arguing for the defense in two DVD code cases, says that DVD encryption does not meet the minimum standard for a trade secret. http://www.cnnfn.com/news/technology/newsbytes/143179.html FIDNet, the proposed Federal Intrusion Detection Network, is the focus of debate about the Clinton administration's National Plan for Information Systems Protection. Privacy advocates say the plan focused heavily on system monitoring and surveillance rather than on enhancing computer security. They have also expressed concern that one agency, the General Services Administration (GSA) would monitor all federal network communication. http://www2.infoworld.com/articles/en/xml/00/02/01/000201enprivate.xml?Template =/storypages/printarticle.html http://www.thestandard.com/article/display/1,1151,9327,00.html http://www.computerworld.com/home/print.nsf/all/000201E5E2 http://www.wired.com/news/print/0,1294,34027,00.html Questions, Comments, Suggestions, Complaints----> JLF@magusnet.com