[37566] in North American Network Operators' Group


Broadband security?

daemon@ATHENA.MIT.EDU (Joe Blanchard)
Wed May 16 07:03:52 2001

Message-ID: <E9BBE0941932D511934C0002A52CDB4E2D0677@sj-exchange.wyse.com>
From: Joe Blanchard <jblanchard@wyse.com>
To: nanog@merit.edu
Date: Wed, 16 May 2001 03:52:50 -0700
Errors-To: owner-nanog-outgoing@merit.edu


Please excuse the redundancy regarding this topic, but I can't help
publicizing this.
A few weeks ago I came across a rather odd opening regarding a certain ISP
and its Cayman's DSL routers.  Oddly enough I found 19 open routers actually
telling/publicizing that there was no password set for the admin account
using little more than a web browser (of course one of them being mine). A
bit concerned I contacted the ISP in question, their NOC to be exact, and
told them of this. During the conversation it was pretty clear that the NOC
person didn't really care, and that "The customer is responsible for that
security" or better said (not my job) applied within this situation. A bit
concerned I contacted a sales rep from that same ISP and got this "wow,
really, can you send me those IP addys and we'll look into it right away!".
With some strange sense of helpfulness I sent those items to him and heard
not a word. That was about 2 weeks ago, and I again checked on the nodes I
had seen them open and found the same openings. I thought perhaps it was
just a honey pot, but after changing two of the routers then restarting them
and seeing the changes I knew nothing had been done. On a whim, and sort of
a bet, I did a scan of the ISP's net and found over 100 Cayman routers open,
as well as some odd 20 SpeedStream routers (simple password/login just give it
admin and you have the keys to the kingdom so to speak). To me, and perhaps
I am missing something here, this seems a bit odd, in that a major ISP
deploying these items would in fact leave routers, ok junior routers, this
wide open. I really don't want to name the ISP in question openly for the
obvious reasons, but has it really gotten to the point that Broadband for
businesses is slapped in with no security and no education to the persons
getting it?

Sorry for the rant
-Joe


