RE: login attempt admin/password

["Bill Lavalette" <blavalet () homenet-security com>]

A) do you have a Netgear router?
B) If so is the default password still on the router

If answer = no for A) or B) you do not have a threat from what I can see..

Additionally If you see this sig in your logs it could be from attempts on
the router if you have one. or it could be someone scanning for such router
in either case if you do not have this device on your network I would not
worry about it.


Kind Regards,

Bill

====== HomeNet Security ========
Bill Lavalette -- Network Security Officer
CCSA-CCSE
Crisis Migitator
ID Theft Prevention Mentor
WWW http://www.homenet-security.com
==========================
Defending The Home LAN

-----Original Message-----
From: listbounce () securityfocus com
[mailto:listbounce () securityfocus com]On Behalf Of tyrian2uk () yahoo co uk
Sent: Saturday, December 08, 2007 3:52 AM
To: focus-ids () securityfocus com
Subject: login attempt admin/password


WEB-INSC NetGear router Default password login attempt admin/password
i see this signature detect by IDS  how do i check if it is a threat or not
?
external ip:1710 -> internal IP:80

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=in
tro_sfw
to learn more.
------------------------------------------------------------------------



------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw 
to learn more.
------------------------------------------------------------------------