Home page logo

nanog logo nanog mailing list archives

Re: Broadband security?
From: Josh Richards <jrichard () cubicle net>
Date: Wed, 16 May 2001 16:08:30 -0700

* Joe Blanchard <jblanchard () wyse com> [20010516 03:29]:
and seeing the changes I knew nothing had been done. On a whem, and sort of
a bet, I did a scan of the ISP's net and found over 100 Cayman routers open,
as well some odd 20 SpeedStream routers (simple password/login just give it
admin and you have the keys to the kingdom so to speak). To me, and perhaps
I am missing something here, This seems a bit odd, in that a major ISP
deploying these items would in fact leave routers, ok junior routers, this
wide open. I really don't want to name the ISP in question openly for the
obvious reasons, but has it really gotten to the point that Broadband for
businesses is slapped in with no security and no education to the persons
getting it?

Yep.  Although this is nothing new.  The heavier deployment of xDSL and Cable
to unsuspecting end-users has only made it more obvious.  What do you expect
when a new CPE (router or bridge) is handed to Joe Blow by their ISP with
minimal security measures in place?  He's certainly not going to know how to 
lock it down!  The next several years are going to be interesting.  Some 
ISPs are going to get bitten in the ass as their customers' networks are 
compromised.  This has already happened in some cases but the ISPs are not 
yet feeling the costs from fixing the situations afterwards.  Perhaps when 
they begin to they'll start working on being more pro-active.  Or perhaps 
they are already feeling it..

Sorry for the rant

I'd rant at your ISP.  It is their customers and, ultimately, them that will
feel the pain.  

This industry isn't going away but we've still got a LOT of work to do. :-)


Josh Richards <jrichard () { geekresearch.com, cubicle.net }> [JTR38/JR539-ARIN]
Geek Research, LLC - San Luis Obispo, CA - <URL:http://www.geekresearch.com/>
KG6CYK - IP/Unix/telecom/knowledge/coffee/security/crypto/business/geek

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]