Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2012-03-15 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

ISC Feature of the Week: Infocon

Published: 2012-03-15
Last Updated: 2012-03-15 16:29:27 UTC
by Adam Swanger (Version: 1)
2 comment(s)

Overview

You can view the current Infocon status at https://isc.sans.edu/infocon.html as well as in other areas of our site.

The intent of the 'Infocon' is to reflect changes in malicious traffic and the possibility of disru   pted connectivity. Our handlers monitor DShield logs, emails and numerous other internet sources in order to determine if the Infocon level should be adjusted. There are 4 definition levels of the Infocon as outlined below.

Features

Link To Current Infocon Status - https://isc.sans.edu/infocon.html#link

Applications and Widgets - https://isc.sans.edu/infocon.html#apps_and_widgets

There are a variety of additional ways to keep an eye on the Infocon level. Methods include Windows systray, OS X widget, KDE application, nagios alerts and Firefox extension.

Infocon Definition - https://isc.sans.edu/infocon.html#definition

Note: There is a Blue TEST status not used in everyday alert levels.

  1. Green - Everything is normal
  2. Yellow - Currently tracking a significant new threat
  3. Orange - Major disruption in connectivity is imminent
  4. Red - Loss of connectivity across a large part of the internet.

Infocon HIstory - https://isc.sans.edu/infocon.html#infocon_history

A list of Infocon changes by date with a reason and link where possible.

 

What ways and where do you use the Infocon? Share suggestions or feedback in the section below or send us any questions or comments in the contact form at https://isc.sans.edu/contact.html

--
Adam Swanger, Web Developer (GWEB, GWAPT)
Internet Storm Center (http://isc.sans.edu)

Keywords: ISC feature
2 comment(s)
Diary Archives