nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Platinum accounts for the Internet (was Re: who offers cheap (personal) 1U colo?)

From: "Stephen J. Wilcox" <steve () telecomplete co uk>
Date: Tue, 16 Mar 2004 00:10:36 +0000 (GMT)


I find it ironic that one of the presentations at the last nanog was about
a system kind of like that:
http://www.nanog.org/mtg-0402/gauthier.html
and that we had some luser on the nanog30 wireless network infected by SQL
slammer.


Well it wouldnt be nanog without a few infections, password grabs and other 
random security breaches....


Does anyone know who that was, how/if they were located and removed from
the network, and whether they brought an infected PC (either via stupidity
or as a joke) or simply brought an unpatched system out from behind their
firewall/packet filters and got infected before they got a chance to
actually use the network?


Probably genuine error (clueless/oversight), no names.. where is Randy when you 
want him?


After that incident, I sniffed the wireless for a little while and noticed
slammer is alive and well out on the internet and still trying to infect
the rest of the internet.


*jlewis in network sniffing shock!*


We're still blocking it at our transit borders.  The one time it was
removed (accidentally), a colo customer was infected very shortly after
the filter's protection was lost.


yeah theres lots, we filter for several known worms on the gateway routers at 
the meetings we sponsor, i recommend nanog sponsors do the same (altho it cant 
save u from the devil within)

Steve



----------------------------------------------------------------------
 Jon Lewis *jlewis () lewis org*|  I route
 Senior Network Engineer     |  therefore you are
 Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
Previous By Date Next
Previous By Thread Next

Current thread: