Security Incidents mailing list archives
Re: SANS Consensus Security Awareness Project
From: "WILSON, PAUL T. (JSC-ES)" <paul.t.wilson1 () JSC NASA GOV>
Date: Thu, 28 Sep 2000 15:13:36 -0500
Passwording may be sufficient. How old are these JetDirect cards? You may want to install newer ones that are reported to address a number of security issues. Paul T Wilson Lockheed Martin CCS UNIX Coordinator and Systems Security Representative 281-483-5429 pgr 281-527-2140 CCS Service Center 281-483-1122 paul.t.wilson () jsc nasa gov
---------- From: David Grisham CIRT Security Admin. Reply To: David Grisham CIRT Security Admin. Sent: Thursday, September 21, 2000 10:43 AM To: INCIDENTS () SECURITYFOCUS COM Subject: Re: SANS Consensus Security Awareness Project over the weekend our site was part of a SYN attack on another ISP. The site could not give us complete logs. It did identify four IPs which were involved. These turned out to be printers with no passwords. We had earlier discovered a couple of printers that were also used in a large DDoS attack. Could somebody who has experience with this printer exploit, please send me some details. We are placing passwords on these units. Cheers. --grish Dr. David D. Grisham, Security Admin. Phone (505) 277-8032 FAX 277-8101 2701 Campus Blvd. NE CIRT, Univ. of New Mexico, Albuquerque, NM 87131 * e-mail:dave () unm edu * web:http://www.unm.edu/~dave --- finger dave () unm edu or see my web page for public key. Phone to:(505) 277-4646 or E-mail to security () unm edu will bring an immediate response from the security staff. The CIRT security web page is www.unm.edu/~securityName: printer1.unm.edu (This is a printer an HP JetDirect it is not password protected.) Address: 129.24.219.xxx
Current thread:
- Re: SANS Consensus Security Awareness Project David Grisham CIRT Security Admin. (Sep 22)
- <Possible follow-ups>
- Re: SANS Consensus Security Awareness Project H Carvey (Sep 24)
- Re: SANS Consensus Security Awareness Project WILSON, PAUL T. (JSC-ES) (Sep 29)