Members
Stats
  • Total Posts: 28514
  • Total Topics: 8240
  • Online Today: 816
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)












Author Topic: Symantec issues bogus warning of full-scale Internet meltdown  (Read 1165 times)

0 Members and 1 Guest are viewing this topic.

Amker

  • SCF Global Moderator
  • *****
  • Posts: 1081
  • KARMA: 22
  • Gender: Male
    • SCforum.info
September 22, 2007 (Computerworld) -- Symantec Corp.'s early warning system gave its enterprise customers a brief scare late Friday when it erroneously sent an alert that said an Internet-crippling attack was in progress.

The message, which went out to users of Symantec's DeepSight advanced alert system around 8:40 p.m. EDT, had a subject head that simply read: "DeepSight Increased ThreatCon from 1 to 4 Alert."

ThreatCon uses a 1-through-4 scoring system, with 1 being the least alarming and 4 the most dire, to indicate Symantec's take on the current state of Internet security. According to the company's own definition, Level 4 is tagged as "Full alert" and reserved for those times when "extreme global network incident activity is in progress. Implementation of measures in this Threat Condition for more than a short period probably will create hardship and affect the normal operations of network infrastructure."

Symantec has never set ThreatCon to Level 4. In fact, even a Level 3 is rare. One of the last times the Cupertino, Calif. security company issued a Level 3 alert was in May 2004, when the Sasser worm was on the rampage.

In the body of the e-mailed alert, however, careful readers found the words: "Summary: threatcon test threatkhanh otrs" buried among several links.

The alert was a false alarm, Symantec said just over an hour later in a follow-up message at 9:45 p.m. EDT. "The DeepSight Threat Management System is NOT at ThreatCon 4. At 18:40 MST on September 21, 2007 an erroneous ThreatCon 4 update was issued through DeepSight TMS due to product testing. This ThreatCon 4 update should be disregarded."

A similar message posted on the DeepSight Threat Management System Web-based console ended with: "The ThreatCon has been returned to the correct level, ThreatCon 1."

(Copyright by Computerworld)

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9038358&intsrc=hm_list
# Online Anti-Malware Scanners: http://scforum.info/index.php/topic,734.0.html

Samker's Computer Forum - SCforum.info





 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising