[68706] in North American Network Operators' Group
Re: Platinum accounts for the Internet (was Re: who offers cheap
daemon@ATHENA.MIT.EDU (Stephen J. Wilcox)
Mon Mar 15 19:11:13 2004
Date: Tue, 16 Mar 2004 00:10:36 +0000 (GMT)
From: "Stephen J. Wilcox" <steve@telecomplete.co.uk>
To: jlewis@lewis.org
Cc: nanog@merit.edu
In-Reply-To: <Pine.LNX.4.58.0403151843390.1969@web1.mmaero.com>
Errors-To: owner-nanog-outgoing@merit.edu
> I find it ironic that one of the presentations at the last nanog was about
> a system kind of like that:
> http://www.nanog.org/mtg-0402/gauthier.html
> and that we had some luser on the nanog30 wireless network infected by SQL
> slammer.
Well it wouldnt be nanog without a few infections, password grabs and other
random security breaches....
> Does anyone know who that was, how/if they were located and removed from
> the network, and whether they brought an infected PC (either via stupidity
> or as a joke) or simply brought an unpatched system out from behind their
> firewall/packet filters and got infected before they got a chance to
> actually use the network?
Probably genuine error (clueless/oversight), no names.. where is Randy when you
want him?
> After that incident, I sniffed the wireless for a little while and noticed
> slammer is alive and well out on the internet and still trying to infect
> the rest of the internet.
*jlewis in network sniffing shock!*
> We're still blocking it at our transit borders. The one time it was
> removed (accidentally), a colo customer was infected very shortly after
> the filter's protection was lost.
yeah theres lots, we filter for several known worms on the gateway routers at
the meetings we sponsor, i recommend nanog sponsors do the same (altho it cant
save u from the devil within)
Steve
>
> ----------------------------------------------------------------------
> Jon Lewis *jlewis@lewis.org*| I route
> Senior Network Engineer | therefore you are
> Atlantic Net |
> _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
>
