Security Incidents mailing list archives

Re: SANS Consensus Security Awareness Project

From: "David Grisham CIRT Security Admin." <dave () UNM EDU>
Date: Thu, 21 Sep 2000 09:43:23 -0600

over the weekend our site was part of a SYN attack on another ISP.  The
site could not give us complete logs.  It did identify four IPs which were
involved.  These turned out to be printers with no passwords.  We had
earlier discovered a couple of printers that were also used in a large
DDoS attack.  Could somebody who has experience with this printer
exploit, please send me some details.  We are placing passwords on these
units. Cheers. --grish
   Dr. David D. Grisham, Security Admin. Phone (505) 277-8032 FAX 277-8101
   2701 Campus Blvd. NE CIRT, Univ. of New Mexico,
   Albuquerque, NM 87131 * e-mail:dave () unm edu * web:http://www.unm.edu/~dave
   --- finger dave () unm edu or see my web page for public key.
   Phone to:(505) 277-4646 or E-mail to security () unm edu will bring an
   immediate response from the security staff.  The CIRT security web page
   is www.unm.edu/~security

Name:    printer1.unm.edu (This is a printer an HP JetDirect it is not
                       password protected.)
Address:  129.24.219.xxx

Current thread:

Re: SANS Consensus Security Awareness Project David Grisham CIRT Security Admin. (Sep 22)
- <Possible follow-ups>
- Re: SANS Consensus Security Awareness Project H Carvey (Sep 24)
- Re: SANS Consensus Security Awareness Project WILSON, PAUL T. (JSC-ES) (Sep 29)