Security Incidents mailing list archives
RE: Revenue loss due to breakins
From: Mark Challender <MarkC () mtbaker wednet edu>
Date: Fri, 24 Aug 2001 12:52:20 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Qwest DSL problem is BIG. All of the Cisco 675 and 678 modems are affected. Some of the modems I have been seeing have had their NVRAM totally messed up. The other problem has been that the web management interface is open to the outside. Add those problems to the one that many DSL customers don't have the management cable and you have to call Qwest to get one and you have an even bigger mess. The good news is that once you get the cable the fix takes about twenty minutes (writing the NVRAM and setting the web interface to a port between 1024 and 9999 and making it only listen to a 10.xx.xx.xx address. Other good news....... it is a way to make a few extra bucks. - -----Original Message----- From: Thomas Frerichs [mailto:tfrerich () shiboleth net] Sent: Thursday, August 23, 2001 3:43 PM To: Big Woz; incidents () securityfocus com Subject: RE: Revenue loss due to breakins The second link below points to a news article containing a quote that said: '"We are solely dependent on Qwest DSL for our Internet connection, and if it goes down, we don't have a business," said Doug Colbeck, president of the outdoor recreation site Trails.com...'" What's funny is that one of the IP addresses sending the Code Red II worm to my Apache server was the Trails.com site. Their server itself was infected with Code Red II. And they want to complain about Qwest? I guess we have to find someone to blame... Tom "The whole thing is my fault because I patched my server" Frerichs - -----Original Message----- From: Big Woz Sent: Thursday, August 23, 2001 12:34 PM There were some stories cited on whitehats (http://www.whitehats.com) on some mom and pop businesses that lost their network because qwest blocked port 80. http://investor.cnet.com/investor/news/newsitem/0-9900-1028-6950192-0. html?t ag=ats - --adam - ---------------------------------------------------------------------- - ------ This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com> iQA/AwUBO4av0N5aUxficepaEQI9uACgsxQAiJ8tu2icTf/vlr+/BUCcZ9IAniiQ z5I2Qw2I3WFDwfjBZdPCqcZX =P9b8 -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Revenue loss due to breakins Reeves, Michael (GEAE, Compaq) (Aug 22)
- <Possible follow-ups>
- RE: Revenue loss due to breakins Reeves, Michael (GEAE, Compaq) (Aug 23)
- Re: Revenue loss due to breakins JohnNicholson (Aug 23)
- Re: Revenue loss due to breakins Big Woz (Aug 23)
- RE: Revenue loss due to breakins Thomas Frerichs (Aug 24)
- Re: Revenue loss due to breakins Big Woz (Aug 23)
- Re: Revenue loss due to breakins Stephen Friedl (Aug 23)
- Re: Revenue loss due to breakins daniel heinonen (Aug 24)
- RE: Revenue loss due to breakins Mark Challender (Aug 27)