www.disa.mil down?

Published: 2011-11-15
Last Updated: 2011-11-15 01:15:44 UTC
by Adrien de Beaupre (Version: 1)
14 comment(s)

The web server behind disa.mil appears to be down. It currently resolves to but it is sending RST to requests. Thanks Paul for noticing and writing in!

Adrien de Beaupré
Teaching SANS Sec560 in Toronto #sanstoronto, 21-26 Nov 2011

Keywords: disamil down
14 comment(s)


I imagine thousands of web servers go down everyday. What am I missing about this particular system from a security perspective?
DISA: Defense Information Systems Agency that provides information technology (IT) and communications support to the President, Vice President, Secretary of Defense, the military Services, and the Combatant Commands.
It handles the C&C of the DOD SIPRNET (Secure Internet), NIPRNET (Non-Secure Internet), 13 Regional NOC’s, etc.
Thx, Itsup2u. Are we to assume the US is under attack or that its a config/maint snafu as I read the FBI DNSSEC issue to be? Guess my point is that I feel the initial post might be premature w/o other info.
DISA's been down since at least yesterday afternoon. I think I started trying the IASE portal at 1:00 PM -ish with no luck. I halfway assumed that the problems might be related to the FBI.gov problems, but FBI is up this morning.

Well, no STIGs for me. I don't know whether to dig out the tinfoil hat or just call it a day.
There's no attack, just a hardware failure on the SAN.
Up here --> http://diicoe.disa.mil/

@dsh, The fact that this site is down affects all DoD security personnel that may need access to current STIGs, SRRs, Retina scan updates and other information required as part of the DIACAP process. No one said "The US is under attack". They merely noted that a key information security resource is unavailable.
Thx, lonegeek05. Regardless of the reason for the outage, it'll be an interesting case study in BCP. Especially given the amount of $$$ the DOD has and the importance of the site.
The STIGS and other IA resources are still available through the DoD IA Portal on DKO. The same can't be said for DISA's Vulnerability Management System. This doesn't bode well for DISA Computing Services Directorate or their customers.
4 days now!? Anyone know what's going on?

@tnc, what's the URL for the DKO portal?

Diary Archives