Re: (ASCEND) [rootshell] Security Bulletin #16 (fwd)

To: ascend-users@bungi.com
Subject: Re: (ASCEND) [rootshell] Security Bulletin #16 (fwd)
From: Andrew Cutler <andrewc@xtra.co.nz>
Date: Tue, 17 Mar 1998 22:29:21 +1200
Organization: XTRA - Telecom Internet Services
References: <Pine.LNX.3.95.980316170947.16930B-100000@sonnet1.sonnet.com>
Sender: owner-ascend-users@max.bungi.com

Correct me if I read this wrong but the attacker has to guess the SNMP
community name, so unless it's left as default it's going to be pretty hard
to find. IMHO if you leave a system open to the internet with defaults you're
begging for trouble.

Cheers

bcurnow wrote:

> The ascend kill works, and is easy to filter across networks, but it
> doesn't look like the Ascend itself can be protected.  The built in filter
> code doesn't seem to process the packet before the damage is done.
>
> I suppose this means a whole bunch of dial-up MAXs are going to be diving
> for the next 24 hours or so.
>
> ----------------- Brian  Curnow ----------------
>
> ++ Ascend Users Mailing List ++
> To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
> To get FAQ'd:   <http://www.nealis.net/ascend/faq>



++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>

Follow-Ups:

Re: (ASCEND) [rootshell] Security Bulletin #16 (fwd)

From: Joe Pautler <pautler@grasshopper.cit.buffalo.edu>

Re: (ASCEND) [rootshell] Security Bulletin #16 (fwd)

From: Joe Shaw <jshaw@insync.net>

References:

Re: (ASCEND) [rootshell] Security Bulletin #16 (fwd)

From: bcurnow <bcurnow@sonnet.com>

Prev by Date: Re: (ASCEND) ISDN w/o PRI?
Next by Date: Re: (ASCEND) Malfunction :(
Prev by thread: Re: (ASCEND) [rootshell] Security Bulletin #16 (fwd)
Next by thread: Re: (ASCEND) [rootshell] Security Bulletin #16 (fwd)
Index(es):
- Main
- Thread