Home page logo

fulldisclosure logo Full Disclosure mailing list archives

RE: Network Security in India
From: "Todd Towles" <toddtowles () brookshires com>
Date: Wed, 24 Nov 2004 10:15:15 -0600

Correct me if I am wrong, but a LAN that is plagued by worms, DOS
attacks, people sniffing passwords and privacy issues..is called the
Internet. It is a untrusted network and you should protect your network
from it...defense in layers..firewalls..proxies..you know.  

-----Original Message-----
From: full-disclosure-admin () lists netsys com 
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of 
Gautam R. Singh
Sent: Wednesday, November 24, 2004 8:45 AM
To: me.morris () gmail com; full-disclosure () lists netsys com
Subject: RE: [Full-disclosure] Network Security in India


I am sure there would have been many lapses in security. And 
one such trend I see here is a number of small "cable" 
internet providers that have sprung up in my area (Delhi, 
NCR). All of them use RF links etc from ISP like Bharti, 
Primus etc and provide internet thru ethernet on a Cat5 cable.
And now imagine the possibilities. :) Users of such systems 
are on LAN, plagued by worms, DoS, privacy issues, sniffing 
passwords, monitoring what sites other peepz are visiting etc etc.

//is there any security list specific for India where we can 
just "discuss" & learn new things


Message: 14
Date: Wed, 24 Nov 2004 03:03:00 +0530
From: john morris <me.morris () gmail com>
Reply-To: john morris <me.morris () gmail com>
To: full-disclosure () lists netsys com
Subject: [Full-disclosure] Network Security in India

I had a brief stint Primus Telecom in delhi ( www.primus-direct.com).
It has a flat network with absolutely no security. The 
routers as as vulnerable to any known exploit and the same 
applies to a few web servers they host. The basics such as 
patch management is never taken care of.
This mail doesnot intend to harm any one but i want to know 
is this the way major ISP around the globe function.
The company functions on illegal frequencies (Primus's major 
customers connect through RF links). I have the proofs to 
show that they do function on frequencies not allocated to 
them and during routine check ups by the DoT ( Department of 
Telecommunications Govt. of India) They have to change the 
frequency for a while and do favors to the Govt.
Employees to keep the business going.
Well this is not my concern but somehow this seems unhealthy. 
Is this a practise worldwide.
During my interview with a company major i insisted on my 
security conern but the company was least bothered.
Would someone tell me is this the way the whole industry functions.
Inspite of reminders to the company that any lamer has the 
potential to run them out of business by bringing their whole 
network down within a few min( which includes the ETBwmgr , 
the netcache box or even the main router(7500 series with a 
backup)) has been given a deaf ear.
Is this the way a ISP with important clients in the pvt and 
the govt key sectors functions.

I personally doubt the future.

Is Primus listening. Its time to wake up.




Gautam R. Singh
[mcp, ccna, cspfa, unemployed] t: +91 9848 525 074 | pgp:
http://gautam.techwhack.com/key/ | ymsgr: er-333 | msn: ro0_ () hotmail

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]