The recent turn of the year marks a significant anniversary in the somewhat tangled history of Internet and network security work: the Internet Storm Center at the SANS Institute is ten years old. (You’ll find another link to the ISC in the “Useful Links”” box on the right of this page,) The SANS Institute itself runs security seminars and courses, and has a trove of useful information, but the ISC is really focused on what’s going on “at the coal face” with today’s issues.
… the SANS Internet Storm Center evolved from an initiative launched by the SANS Institute in December 1999 in support of the US government’s concern that hackers might take advantage of the Y2K rollover confusion by launching attacks against critical systems while system administrators were tied up solving Y2K date problems.
The ISC is staffed by about 35 volunteer “handlers”, security professionals from all around the world, who are among the best in the business, and led by Marcus Sachs, Director of the ISC. There is always a “Handler on Duty”, 24/7/365, and any of the handlers can create diary entries on the main ISC page for any newsworthy events. Some of the announcements you can expect to see include:
- New instances of malicious software
- Ongoing analysis of current security threats
- New releases of software incorporating security fixes (including a detailed analysis of Microsoft’s monthly patches).
- New or noteworthy tools for security and systems management
- New research on security issues
There is also a loosely-defined groups of regular users who contribute their observations and experience to help keep information up to date.
Marcus Sachs has a diary entry at the ISC site, reflecting on the formation and development of the center since its early days. I’ve found the ISC to be an enormously valuable resource over the years (and am glad to have had the opportunity to contribute in a very small way on occasion). It is a technical resource, and may be a bit too much so for some users; but if you are involved in systems or network security at all, I recommend it very highly.