CSIRT

Last updated: 
2 weeks 4 days ago
Blog Manager
Log in to request membershipHide blog description

We are the Computer Security and Incident Response Team (CSIRT) for the Janet network. Part of Jisc's Security Operations Centre, our mission is to safeguard the current and future network security of Janet (steering the security policies for all Janet connections) and of our customers, creating a secure environment to conduct your online activities. Our primary function is monitor and resolve any security incidents that occur on the Janet network, with specialists tracking a range of platforms, including Unix, Linux and Windows.

Filter by tags:

Filter by content author

Clear filters

Recent members:

Group administrators:

Blog Article

Reflected DDoS attacks

Following on from our messages and briefing at the start of the year, DDOS attacks are continuing to occur at a greater frequency than they have in previous years. We have been working to assist affected customers when they happen.

Many of the attacks make use of unauthenticated UDP based services to reflect and amplify traffic against the chosen target. Open DNS resolvers (53/udp) and increasingly CHARGEN (19/udp) are the two most abused services. It's not unusual to see attacks in the order of 10Gb/s.

CSIRT
security
DDOS
DNS
chargen
29 October 2013 at 11:06am
James Davis
Blog Article

Citadel/Zeus sinkholes

Microsoft's recent take down of domains related to Citadel (a varient of Zeus) botnets has unfortunatly also taken down a number of sinkhole domains that were being used by researchers to monitor and report on Citadel infections.

As a result of this our reporting of Citadel and Zeus infections may see a drop in the coming weeks. Any decrease in the number of infections seen at a particular site may be due to this lack of visibility.

infosec
malware
Zeus
citadel
11 June 2013 at 10:00am
James Davis
Prev | Next