Internet Storm Center

The Internet Storm Center (ISC) is a program of the SANS Technology Institute, a branch of the SANS Institute which monitors the level of malicious activity on the Internet, particularly with regard to large-scale infrastructure events.


History

The ISC evolved from "Incidents.org", a site initially founded by the SANS Institute to assist in the public-private sector cooperation during the Y2K cutover. In 2000, Incidents.org started to cooperate with DShield to create a Consensus Incidents Database (CID). It collected security information from cooperating sites and agencies for mass analysis. On March 22, 2001, the SANS CID was responsible for the early detection of the "Lion" worm attacks on various facilities. The quick warning and counter-efforts organized by the CID were instrumental in controlling the damage done by this worm, which otherwise might have been considerably worse. Later, DShield was integrated more closely into Incidents.org as the SANS Institute started to sponsor DShield. The CID was renamed the "Internet Storm Center" in acknowledgement of the way it uses its distributed sensor network, similar to the way a weather reporting center detects and tracks an atmospheric storm and provides warnings. Since that time the ISC has expanded its monitoring operations; its website cites a figure of over twenty million "intrusion detection log entries" per day. It continues to provide analyses and alerts of security threats to the Internet community. During the last hours of 2005 and the first weeks of 2006, the Internet Storm Center raised its Infocon to "yellow" for the WMF vulnerability, its longest period at that level up to that time.

The most prominent feature of the ISC is a daily "Handler Diary", which is prepared by one of the 40 volunteer incident handlers and summarizes the events of the day. It is frequently the first public source for new attack trends and actively facilitates cooperation by soliciting more information to understand particular attacks better. The Internet Storm Center is currently staffed with approximately 40 volunteers, representing 8 countries and many industries.


Notable members

* Director of the ISC: Marcus Sachs
* Chief Technical Officer: Johannes Ullrich
* Handler Tom Liston


External links


* Internet Storm Center webpage
* SANS Technology Institute
* The Repository of Industrial Security Incidents