Cisco/Level3 takedown

• Previous message (by thread): Cisco/Level3 takedown
• Next message (by thread): Cisco/Level3 takedown
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Sorry, I’m getting it now too.  False alarm.

Steve

From: Josh Luthman [mailto:josh at imaginenetworksllc.com]
Sent: Thursday, April 09, 2015 6:56 PM
To: Naslund, Steve
Cc: NANOG list
Subject: RE: Cisco/Level3 takedown


Websites up for me.

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373
On Apr 9, 2015 7:55 PM, "Naslund, Steve" <SNaslund at medline.com<mailto:SNaslund at medline.com>> wrote:
Can anyone else get to http://blogs.cisco.com  ?  I can't seem to reach it and was wondering if there was a counterattack of some type.  Traceroute takes me to Rackspace in Dallas but the web site is not up.

Steven Naslund
Chicago IL

-----Original Message-----
From: NANOG [mailto:nanog-bounces at nanog.org<mailto:nanog-bounces at nanog.org>] On Behalf Of Christopher Morrow
Sent: Thursday, April 09, 2015 10:48 AM
To: Sameer Khosla
Cc: nanog at nanog.org<mailto:nanog at nanog.org>
Subject: Re: Cisco/Level3 takedown

On Thu, Apr 9, 2015 at 11:31 AM, Sameer Khosla <skhosla at neutraldata.com<mailto:skhosla at neutraldata.com>> wrote:
> Was just reading http://blogs.cisco.com/security/talos/sshpsychos then checking my routing tables.
>
> Looks like the two /23's they mention are now being advertised as /24's, and I'm also not sure why cisco published the ssh attack dictionary.
>
> It seems to me that this is something that if they want to do, they should be working with entire service provider community, not just one provider.

are you sure they aren't engaged with a wider SP community?
(the dictionary seems relevant for: "Oh crap, my root account DOES have password123 as the password :(")

• Previous message (by thread): Cisco/Level3 takedown
• Next message (by thread): Cisco/Level3 takedown
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]