Internet Storm Center

Article snapshot taken from Wikipedia under the Creative Commons Attribution-ShareAlike license.

The Internet Storm Center (ISC) is a program of the SANS Technology Institute, a branch of the SANS Institute, that monitors the level of malicious activity on the Internet, particularly with regard to large-scale infrastructure events.

History

The ISC evolved from "Incidents.org", a site initially founded by the SANS Institute to assist public-private sector cooperation during the Y2K cutover. In 2000, Incidents.org started to cooperate with DShield to create a Consensus Incidents Database (CID). It collected security information from cooperating sites and agencies for mass analysis.

On March 22, 2001, the SANS CID was responsible for the early detection of the "Lion" worm attacks on various facilities. The quick warning and counter-efforts organized by the CID were instrumental in controlling the damage done by this worm, which otherwise might have been considerably worse.

Later, DShield was integrated more closely into Incidents.org as the SANS Institute started to sponsor DShield. The CID was renamed the "Internet Storm Center" in acknowledgement of the way it uses its distributed sensor network, much as a weather reporting center detects and tracks an atmospheric storm and provides warnings. Since that time the ISC has expanded its monitoring operations; its website cites a figure of over twenty million "intrusion detection log entries" per day. It continues to provide analyses and alerts of security threats to the Internet community.

During the last hours of 2005 and the first weeks of 2006, the Internet Storm Center set its Infocon to "yellow" for the WMF vulnerability, its longest period at that level at the time.

The most prominent feature of the ISC is a daily "Handler Diary", which is prepared by one of the 40 volunteer incident handlers and summarizes the events of the day. It is frequently the first public source for new attack trends and actively facilitates cooperation by soliciting more information to understand particular attacks better.

The Internet Storm Center is currently staffed with approximately 40 volunteers, representing 8 countries and many industries.
