IDS mailing list archives
Re: login attempt admin/password
From: Seth <sethsec () gmail com>
Date: Mon, 10 Dec 2007 13:27:51 -0500
Do you have any NetGear Routers deployed at your site? If so, does username=admin & password=password? If either one of those answers is no, then you are not vulnerable to that attack. If you do have a netgear router, but you have changed the default username or password, you are not vulnerable to that attack. This alert is just telling you that someone tried to log with admin/password. It does not tell you if the person stopped at that attempt, or then attempted another 1000 username/password combinations. If you do have a NetGear router, I would recommend restricting access to it to only the IP's that need to get to it using a host or network based firewall, or both. Regards, Seth On 8 Dec 2007 08:51:37 -0000, <tyrian2uk () yahoo co uk> wrote:
WEB-INSC NetGear router Default password login attempt admin/password i see this signature detect by IDS how do i check if it is a threat or not ? external ip:1710 -> internal IP:80 ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
Current thread:
- login attempt admin/password tyrian2uk (Dec 10)
- RE: login attempt admin/password Bill Lavalette (Dec 10)
- Re: login attempt admin/password Seth (Dec 10)
- Re: login attempt admin/password Ron Gula (Dec 10)