Re: Cisco vulnerability scanning increase
From: NotPhunny Dude (morriswurm_at_yahoo.com)
Date: 09/06/05
- Previous message: Jose Nazario: "RE: Cisco vulnerability scanning increase"
- Maybe in reply to: morriswurm_at_yahoo.com: "Cisco vulnerability scanning increase"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 6 Sep 2005 08:49:43 -0700 (PDT) To: incidents@securityfocus.com
Thanks for all the feedback. I'm not really worried
about being vulnerable, as indeed any wise network
admin turns off the web interface for routers and
switches. More so, I was worried if my corp was being
specifically targetted or not. When you see 200+ IP's
hitting some specific machines on your network, I
would tend to worry about a potential DoS. From all
the replies, apparently it is more widespread and not
just after me. Thanks again.
- Jack Bristow
>
> ----- Original Message -----
> From: <morriswurm@yahoo.com>
> To: <incidents@securityfocus.com>
> Sent: Friday, September 02, 2005 12:17 PM
> Subject: Cisco vulnerability scanning increase
>
>
> >
> > We recently picked up a spike in TCP 80 scanning
> against one of our
> > netblocks.
> >
> > Looking at the payload, it appears to be a Cisco
> vulnerability scanner.
> >
> > /level/16/exec/-///pwd
> >
> > Numerous random source IP's across various
> netblocks, makes it appear to
> > be bot related potentially. Anyone else seeing
> this type of activity?
>
>
______________________________________________________
Click here to donate to the Hurricane Katrina relief effort.
http://store.yahoo.com/redcross-donate3/
- Previous message: Jose Nazario: "RE: Cisco vulnerability scanning increase"
- Maybe in reply to: morriswurm_at_yahoo.com: "Cisco vulnerability scanning increase"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
