Re: Broadband security?

[Josh Richards <jrichard () cubicle net>]

* Joe Blanchard <jblanchard () wyse com> [20010516 03:29]:
> and seeing the changes I knew nothing had been done. On a whem, and sort of
> a bet, I did a scan of the ISP's net and found over 100 Cayman routers open,
> as well some odd 20 SpeedStream routers (simple password/login just give it
> admin and you have the keys to the kingdom so to speak). To me, and perhaps
> I am missing something here, This seems a bit odd, in that a major ISP
> deploying these items would in fact leave routers, ok junior routers, this
> wide open. I really don't want to name the ISP in question openly for the
> obvious reasons, but has it really gotten to the point that Broadband for
> businesses is slapped in with no security and no education to the persons
> getting it?

Yep.  Although this is nothing new.  The heavier deployment of xDSL and Cable
to unsuspecting end-users has only made it more obvious.  What do you expect
when a new CPE (router or bridge) is handed to Joe Blow by their ISP with
minimal security measures in place?  He's certainly not going to know how to 
lock it down!  The next several years are going to be interesting.  Some 
ISPs are going to get bitten in the ass as their customers' networks are 
compromised.  This has already happened in some cases but the ISPs are not 
yet feeling the costs from fixing the situations afterwards.  Perhaps when 
they begin to they'll start working on being more pro-active.  Or perhaps 
they are already feeling it..

> Sorry for the rant

I'd rant at your ISP.  It is their customers and, ultimately, them that will
feel the pain.  

This industry isn't going away but we've still got a LOT of work to do. :-)

-jr

----
Josh Richards <jrichard@{ geekresearch.com, cubicle.net }> [JTR38/JR539-ARIN]
Geek Research, LLC - San Luis Obispo, CA - <URL:http://www.geekresearch.com/>
KG6CYK - IP/Unix/telecom/knowledge/coffee/security/crypto/business/geek