[Full-disclosure] If internet goes down out of hours, we're screwed

[Valdis.Kletnieks at vt.edu]

On Mon, 08 Oct 2007 19:55:59 BST, worried security said:

> If you internet goes down out of business hours
> , don't expect anyone to answer you from CERT.

Actually, if "your internet" goes down, you should probably be calling
your ISP, not US-CERT.  The vast majority of "down" conditions are networking
issues, not security issues.   And if you're being DDoS'ed, you're *still*
going to need to deal with your ISP because some NOC monkey is going to need
to do the mitigation, and the CERT guys aren't going to be able to do anything
for you with that anyhow.

> Email:     <mailto:cert at cert.org> (monitored during business hours)

Which is as it should be - if you look at the things that are actually within
their purview, it's reasonable to expect it to *not* be a 24/7 mailbox.  There
are *other* venues that deal with the sort of things that happen at 2:30AM and
can't wait until 8AM for resolution, and they *are* monitored 24/7.  The mere
fact that you haven't been invited to participate in those venues doesn't mean
they don't exist.

Besides which you overlooked the most obvious point of all:

If your internet is down, you can't e-mail to anybody anyhow.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20071008/78934ec6/attachment.bin