Re: [Full-Disclosure] Network Security in India
From: Des Ward (des_ward_at_o2.co.uk)
Date: 11/24/04
- Previous message: Sune Kloppenborg Jeppesen: "[Full-Disclosure] [ GLSA 200411-33 ] TWiki: Arbitrary command execution"
- Maybe in reply to: john morris: "[Full-Disclosure] Network Security in India"
- Next in thread: Gautam R. Singh: "RE: [Full-Disclosure] Network Security in India"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: full-disclosure@lists.netsys.com Date: Wed, 24 Nov 2004 09:21:28 GMT
Doesn't auger well for all this offshoring though. :(
-----Original Message-----
From: "Samir Kelekar" <samir@teknotrends.com>
Date: Wed, 24 Nov 2004 10:44:54
To:"john morris" <me.morris@gmail.com>, <full-disclosure@lists.netsys.com>
Subject: Re: [Full-Disclosure] Network Security in India
Hi John:
Thanks for that post. I am not at all surprised by the situation that you
have
described.
One of India's top telecomm companies Reliance routinely violates laws and
then gets away paying minimal fines. (The govt. is
in their pocket).
The situation wouldn't be much different in a lot of other places.
Nasscom (the association of India's software companies) is trying to do its
best enforcing good security practices in companies. Am not sure to what
extent it has succeeded.
Samir Kelekar
Teknotrends Software
Bangalore
----- Original Message -----
From: "john morris" <me.morris@gmail.com>
To: <full-disclosure@lists.netsys.com>
Sent: Wednesday, November 24, 2004 3:03 AM
Subject: [Full-Disclosure] Network Security in India
> I had a brief stint Primus Telecom in delhi ( www.primus-direct.com).
> It has a flat network with absolutely no security. The routers as as
> vulnerable to any known exploit and the same applies to a few web
> servers they host. The basics such as patch management is never taken
> care of.
> This mail doesnot intend to harm any one but i want to know is this
> the way major ISP around the globe function.
> The company functions on illegal frequencies (Primus's major customers
> connect through RF links). I have the proofs to show that they do
> function on frequencies not allocated to them and during routine check
> ups by the DoT ( Department of Telecommunications Govt. of India) They
> have to change the frequency for a while and do favors to the Govt.
> Employees to keep the business going.
> Well this is not my concern but somehow this seems unhealthy. Is this
> a practise worldwide.
> During my interview with a company major i insisted on my security
> conern but the company was least bothered.
> Would someone tell me is this the way the whole industry functions.
> Inspite of reminders to the company that any lamer has the potential
> to run them out of business by bringing their whole network down
> within a few min( which includes the ETBwmgr , the netcache box or
> even the main router(7500 series with a backup)) has been given a deaf
> ear.
> Is this the way a ISP with important clients in the pvt and the govt
> key sectors functions.
>
> I personally doubt the future.
>
> Is Primus listening. Its time to wake up.
>
>
>
> --
> (FROM LINKS TO LINKS WE ARE ALL LINKED)
>
> cheersssss.....
>
> morris
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Kind regards,
Des Ward
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Sune Kloppenborg Jeppesen: "[Full-Disclosure] [ GLSA 200411-33 ] TWiki: Arbitrary command execution"
- Maybe in reply to: john morris: "[Full-Disclosure] Network Security in India"
- Next in thread: Gautam R. Singh: "RE: [Full-Disclosure] Network Security in India"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
