Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: 2004 - A Look Back - Your Choice for Diary of the Year - Happy New Years - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
2004 - A Look Back - Your Choice for Diary of the Year - Happy New Years

2004 - What a year this has been.

We have seen everything from soup to nuts and then some. We have seen a rapid rise in phishing schemes. Paypal and eBay are no longer the only targets. Most banks have been targeted as well as BestBuy. (It is hard to believe that people are still falling for these).

We have seen a rise in botnet activity. I can personally attest to them. I have cleaned many a computer that has been the victim of a botnet attack. (I can't wait to see what is instore for us in 2005).

We have seen an increase in Rootkits, worms, viruses and malware. All with their own little nasty after affects.

I for one vote that we lobotimize the script kiddies, malware authors and the marketing people using their software.
Your Choice for Diary of the Year

In November I asked our faithful readers to tell us what they thought the best diary of the year was. The Tom (I Love Orange) Liston fan club (or Tom and all of his aliases) registered in loud and clear. He without a doubt received the most votes for his Follow the Bouncing Malware Series. I have to admit, I too thought it was great. I just wish I had his writing style and flair. Tom you do deserve the honor of Handler of the Year.

Second runner up was Cory Altheide with his story of Halloween Terror. Again I have to agree with the readers. Great job Corey.

We also received several emails from our readers stating that all of the diaries were great. That all should be voted the best. Thanks to all of you who voted. And thanks to all of you who gave such positive feedback. I think that I speak for all of the volunteers at the Storm Center when I say that we enjoy doing what we do. We enjoy hearing from all of you.

Happy New Year
I would like to personnally wish each and everyone of you a healthly, happy and secure 2005.

I especially want to extend my greetings and my thanks to all of my fellow handlers around the globe. All volunteer time and talents to anyone who is interested and wants to learn more. We receive no monetary pay for what we do, however we receive something much more valuable, friendship and camaraderie. I have learned so much from each of them. So to each of you my fellow Handlers, Happy New Year and May You Thrive in 2005.

Handler On Duty

Deb Hale

For those of you that are interested - here is a sample of the 2004 Diaries.


New SoBig Wave



Microsoft ASN.1 vulnerability (MS04-007)

Netsky virus


Virus writers declare war

BJs Alerts of Possible Credit Card Theft


Major Microsoft vulnerabilities
Cisco Vulnerabilites and Metasploit 2.0


Sasser and Phatbot authors caught

Symantec Firewall Vulnerabilities

CVS Vulnerability


Cisco BGP DoS

ISCAlert and sober.h

Russian Hacks/download.ject


Bagle Source Code Release

Distributed Brute Force FTP Scans

Follow the Bouncing Malware I


XPSP2 released

Follow the Bouncing Malware II


MS .jpg vulnerability (MS04-028)




Ten bulletins (7 critical) released by MS

Multiple Browser Vulnerabilities


A Terrifying Tale of TCP ... Terror


Follow The Bouncing Malware (Part III)

Sun JVM Vulnerability

Follow The Bouncing Malware (Part IV)

Santy worm

PHP Include Worm
Time is running out for *you* to write your diary!

We are planning a diary for the first week of the New Year that is exclusively a "Reader's Diary". This will be a diary of inputs from you, our readers, to the rest of the world. We are looking for inputs that pertain to ISC, the Internet, New Year Predictions, suggestions, 'thank you' notes, almost anything (within reason). We will try to get all of the inputs posted, and they will be available for reading on January 2nd/3rd. Please include your name and valid email address. Names will be posted, however email addresses will be kept private.

Please submit entries to by Jan. 2nd 1200hrs GMT to be added to the diary.


279 Posts
ISC Handler
Jan 1st 2005

Sign Up for Free or Log In to start participating in the conversation!