The draft BCP that people are working on is OK.
However, much of what I have seen today in my lab, might
be better off discussed in private... I'll say, as most
of you know, SR filtering is useful, but it cannot
stop the attacks.
Kernel Protection and Recovery Tools are Critical
and Needed in a Hurry.
Right now, I could use a 'simple command line flush
the queue, close all sockets, release all descriptors'
If anyone has such a critter, it is one more brick
in the wall.
Please let me know. via e-mail, thanks.