North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Broadband security?
- From: Joe Blanchard
- Date: Wed May 16 07:05:08 2001
Title: Broadband security?
Please excuse the redundancy regarding this topic, but I can't help publisizing this.
A few weeks ago I came across a rather odd opening regarding a certain ISP and its Cayman's DSL routers. Oddly enough I found 19 open routers actually telling/publisizing that there was no password set for the admin account using little more than a web browser (of course one of them being mine). A bit concerned I contacted the ISP in question, their NOC to be exact, and told them of this. During the conversation it was pretty clear that the NOC person didn't really care, and that "The customer is responsible for that security" or better said (not my job) applied within this situation. A bit concerned I contacted a sales rep from that same ISP and got this "wow, really, can you send me those IP addys and we'll look into it right away!". With some strange sense of helpfulness I sent those items to him and heard not a word. That was about 2 weeks ago, and I again checked on the nodes I had seen them open and found the same openings. I thought perhaps it was just a honey pot, but after changing two of the routers then restarting them and seeing the changes I knew nothing had been done. On a whem, and sort of a bet, I did a scan of the ISP's net and found over 100 Cayman routers open, as well some odd 20 SpeedStream routers (simple password/login just give it admin and you have the keys to the kingdom so to speak). To me, and perhaps I am missing something here, This seems a bit odd, in that a major ISP deploying these items would in fact leave routers, ok junior routers, this wide open. I really don't want to name the ISP in question openly for the obvious reasons, but has it really gotten to the point that Broadband for businesses is slapped in with no security and no education to the persons getting it?
Sorry for the rant
-Joe
|