Anyone else familiar with US-Cert Traffic Light Protocol?
-
I received a bulletin today because I support an agency that works with New York State. It was an advisory about some IP addresses to watch out for. They recommended keeping my system patched up to date and said I should consider blocking the suspicious IP addresses from third world countries they have identified. The real joke was that this information was coded "TLP:Amber", meaning these IPs shouldn't be shared with the public. Maybe someone from the public should tell them about geo-blocking. This is the first alert they have sent me. Has anyone else received these "alerts" before? Are they all like this?
-
BTW, I didn't check them all, but the IPs I did check are already registered in https://www.abuseipdb.com, so it's not like this is secret information.
-
@Mike-Davis said in Anyone else familiar with US-Cert Traffic Light Protocol?:
BTW, I didn't check them all, but the IPs I did check are already registered in https://www.abuseipdb.com, so it's not like this is secret information.
The knowledge of how security works is probably secret and kept from NYS employees, though.
-
I have gotten them from US CERT (Computer Emergency Readiness Team) for the exact same reason, and yes, they are ALL like that.
-
I get their emails every day and have to act on them as part of my job. All their emails are classified at a different level.
-
@IRJ said in Anyone else familiar with US-Cert Traffic Light Protocol?:
I get their emails every day and have to act on them as part of my job. All their emails are classified at a different level.
I have never received one. Interesting.
-
@IRJ said in Anyone else familiar with US-Cert Traffic Light Protocol?:
I get their emails every day and have to act on them as part of my job. All their emails are classified at a different level.
What kind of stuff have they sent that was actionable?
-
@Mike-Davis said in Anyone else familiar with US-Cert Traffic Light Protocol?:
@IRJ said in Anyone else familiar with US-Cert Traffic Light Protocol?:
I get their emails every day and have to act on them as part of my job. All their emails are classified at a different level.
What kind of stuff have they sent that was actionable?
Zero days and other CVEs