RE: Revenue loss due to breakins

From: Mark Challender (MarkCat_private)
Date: Fri Aug 24 2001 - 12:52:20 PDT


     
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    The Qwest DSL problem is BIG.  All of the Cisco 675 and 678 modems
    are affected.  Some of the modems I have been seeing have had their
    NVRAM totally messed up.  The other problem has been that the web
    management interface is open to the outside.
    
    Add those problems to the one that many DSL customers don't have the
    management cable and you have to call Qwest to get one and you have
    an even bigger mess.
    
    The good news is that once you get the cable the fix takes about
    twenty minutes (writing the NVRAM and setting the web interface to a
    port between 1024 and 9999 and making it only listen to a 10.xx.xx.xx
    address).
    
    Other good news....... it is a way to make a few extra bucks.
    
    - -----Original Message-----
    From: Thomas Frerichs [mailto:tfrerichat_private]
    Sent: Thursday, August 23, 2001 3:43 PM
    To: Big Woz; incidentsat_private
    Subject: RE: Revenue loss due to breakins
    
    
    The second link below points to a news article containing a quote
    that said:
    
    '"We are solely dependent on Qwest DSL for our Internet connection,
    and if it goes down, we don't have a business," said Doug Colbeck,
    president of the outdoor recreation site Trails.com...'"
    
    What's funny is that one of the IP addresses sending the Code Red II
    worm to my Apache server was the Trails.com site. Their server itself
    was infected with Code Red II. And they want to complain about Qwest?
    I guess we have to find someone to blame...
    
    Tom "The whole thing is my fault because I patched my server"
    Frerichs
    
    
    - -----Original Message-----
    From: Big Woz
    Sent: Thursday, August 23, 2001 12:34 PM
    
    
    
    There were some stories cited on whitehats (http://www.whitehats.com)
    on some mom and pop businesses that lost their network because Qwest
    blocked port 80.
    
    http://investor.cnet.com/investor/news/newsitem/0-9900-1028-6950192-0.html?tag=ats
    
    - --adam
    
    
    
    - ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    
    -----BEGIN PGP SIGNATURE-----
    Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
    
    iQA/AwUBO4av0N5aUxficepaEQI9uACgsxQAiJ8tu2icTf/vlr+/BUCcZ9IAniiQ
    z5I2Qw2I3WFDwfjBZdPCqcZX
    =P9b8
    -----END PGP SIGNATURE-----
    



    This archive was generated by hypermail 2b30 : Mon Aug 27 2001 - 12:48:24 PDT