RE: Cisco/Level3 takedown

[Josh Luthman <josh () imaginenetworksllc com>]

Websites up for me.

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373
On Apr 9, 2015 7:55 PM, "Naslund, Steve" <SNaslund () medline com> wrote:

> Can anyone else get to http://blogs.cisco.com  ?  I can't seem to reach
> it and was wondering if there was a counterattack of some type.  Traceroute
> takes me to Rackspace in Dallas but the web site is not up.
>
> Steven Naslund
> Chicago IL
>
> -----Original Message-----
> From: NANOG [mailto:nanog-bounces () nanog org] On Behalf Of Christopher
> Morrow
> Sent: Thursday, April 09, 2015 10:48 AM
> To: Sameer Khosla
> Cc: nanog () nanog org
> Subject: Re: Cisco/Level3 takedown
>
> On Thu, Apr 9, 2015 at 11:31 AM, Sameer Khosla <skhosla () neutraldata com>
> wrote:
> > Was just reading http://blogs.cisco.com/security/talos/sshpsychos then
> checking my routing tables.
> > Looks like the two /23's they mention are now being advertised as /24's,
> and I'm also not sure why cisco published the ssh attack dictionary.
> > It seems to me that this is something that if they want to do, they
> should be working with entire service provider community, not just one
> provider.
>
> are you sure they aren't engaged with a wider SP community?
> (the dictionary seems relevant for: "Oh crap, my root account DOES have
> password123 as the password :(")