-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Qwest DSL problem is BIG. All of the Cisco 675 and 678 modems are affected. Some of the modems I have been seeing have had their NVRAM totally messed up. The other problem has been that the web management interface is open to the outside. Add those problems to the one that many DSL customers don't have the management cable and you have to call Qwest to get one and you have an even bigger mess. The good news is that once you get the cable the fix takes about twenty minutes (writing the NVRAM and setting the web interface to a port between 1024 and 9999 and making it only listen to a 10.xx.xx.xx address. Other good news....... it is a way to make a few extra bucks. - -----Original Message----- From: Thomas Frerichs [mailto:tfrerichat_private] Sent: Thursday, August 23, 2001 3:43 PM To: Big Woz; incidentsat_private Subject: RE: Revenue loss due to breakins The second link below points to a news article containing a quote that said: '"We are solely dependent on Qwest DSL for our Internet connection, and if it goes down, we don't have a business," said Doug Colbeck, president of the outdoor recreation site Trails.com...'" What's funny is that one of the IP addresses sending the Code Red II worm to my Apache server was the Trails.com site. Their server itself was infected with Code Red II. And they want to complain about Qwest? I guess we have to find someone to blame... Tom "The whole thing is my fault because I patched my server" Frerichs - -----Original Message----- From: Big Woz Sent: Thursday, August 23, 2001 12:34 PM There were some stories cited on whitehats (http://www.whitehats.com) on some mom and pop businesses that lost their network because qwest blocked port 80. http://investor.cnet.com/investor/news/newsitem/0-9900-1028-6950192-0. html?t ag=ats - --adam - ---------------------------------------------------------------------- - ------ This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com> iQA/AwUBO4av0N5aUxficepaEQI9uACgsxQAiJ8tu2icTf/vlr+/BUCcZ9IAniiQ z5I2Qw2I3WFDwfjBZdPCqcZX =P9b8 -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Aug 27 2001 - 12:48:24 PDT