Platinum accounts for the Internet (was Re: who offers cheap (personal) 1U colo?)
Stephen J. Wilcox
steve at telecomplete.co.uk
Tue Mar 16 00:10:36 UTC 2004
> I find it ironic that one of the presentations at the last nanog was about
> a system kind of like that:
> http://www.nanog.org/mtg-0402/gauthier.html
> and that we had some luser on the nanog30 wireless network infected by SQL
> slammer.
Well it wouldnt be nanog without a few infections, password grabs and other
random security breaches....
> Does anyone know who that was, how/if they were located and removed from
> the network, and whether they brought an infected PC (either via stupidity
> or as a joke) or simply brought an unpatched system out from behind their
> firewall/packet filters and got infected before they got a chance to
> actually use the network?
Probably genuine error (clueless/oversight), no names.. where is Randy when you
want him?
> After that incident, I sniffed the wireless for a little while and noticed
> slammer is alive and well out on the internet and still trying to infect
> the rest of the internet.
*jlewis in network sniffing shock!*
> We're still blocking it at our transit borders. The one time it was
> removed (accidentally), a colo customer was infected very shortly after
> the filter's protection was lost.
yeah theres lots, we filter for several known worms on the gateway routers at
the meetings we sponsor, i recommend nanog sponsors do the same (altho it cant
save u from the devil within)
Steve
>
> ----------------------------------------------------------------------
> Jon Lewis *jlewis at lewis.org*| I route
> Senior Network Engineer | therefore you are
> Atlantic Net |
> _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
>
More information about the NANOG
mailing list