RE: Possible security problem??

From: Malcolm Topperwien (malcolmt@rcstech.com.au)
Date: 08/20/01 

Message-ID: <B2AC8CAEA83FEE48B45C9E0E59F53F4402C169@rcssrv01.uniontrust.com.au>
From: Malcolm Topperwien <malcolmt@rcstech.com.au>
To: "'Stuart_Luscombe@computacenter.com'" <Stuart_Luscombe@computacenter.com>, security-basics@securityfocus.com
Subject: RE: Possible security problem??
Date: Mon, 20 Aug 2001 11:20:57 +0800

Hi there.

I was speaking to another consultant the other day in regards to this issue.
It seems that the IP of the Alcatel DSL Modem (If it's the same as the ones
here in Australia, Alcatel Home ADSL Modem) has a Web Service on it.

I belive that the IP was something in the 10.x.x.x range possibly 10.0.0.39
?

The other consultant told me that it was a monitoring interface and was only
useful to monitor status of the link and possibly a few oher things about
the modem. I have not investigated this further.

Malcolm

-----Original Message-----
From: Stuart_Luscombe@computacenter.com
[mailto:Stuart_Luscombe@computacenter.com]
Sent: Friday, 17 August 2001 6:24 PM
To: security-basics@securityfocus.com
Subject: Possible security problem??

I have an Alcatel DSL router connected to my network. After a curious
thought
yesterday, I wondered if the
web-based interface would be accesible via the IP address assigned to me by
my
ISP. After tapping in the address
to IE, sure enough the interface came up. I did a portscan on that address
and
it showed that port 80 was open.
However, if I try and access it from anywhere else (i.e. a friends house),
it
looks as if it will connect but just times
out....

Is this something I should be worried about? And if it is, is there anyway I
can
sort it out? 

--
Stuart

If you are not the intended recipient be advised that you have received 
this email in error and any use, dissemination, forwarding, printing 
or copying of it is strictly prohibited. It is the responsibility 
of the addressee to scan this mail and any attachments 
for computer viruses or other defects. The sender does not 
accept liability for any loss or damage of any nature, 
however caused, which may result directly or indirectly 
from this email or any file attached.

Relevant Pages

  • RE: Coexistance of Windows 2000 and Windows 2003
    ... I'm not sure what your consultant means when he says "master." ... Coexistance of Windows 2000 and Windows 2003 ... this is Security related as far as crashing an AD is a security problem, ... most highly-anticipated industry event of the year. ...
    (Focus-Microsoft)
  • Re: Starting up as a security consultant
    ... You can consider attaining CISC i.e. Certified Information Security ... Consultant program from Network Intelligence Pvt. ...
    (Security-Basics)
  • Re: I cant go on Internet by the ISA Server but only by the Clients
    ... MCSE+I NT4, MCSA: Security, MCSE: Security, MCDBA, CCNA ... >> Mohammed A. Raslan ... >> Systems Engineer / Consultant ...
    (microsoft.public.isa)
  • Re: Linux, BSD, and Unix are fundamentally insecure.
    ... >> An opensource consultant visited my workplace recently and was ... >> upstaged by my MCSEs. ... >> sales call to the owner of the company who decided to see a demo of ... that they did not show anything except that physical access security is ...
    (comp.unix.bsd.freebsd.misc)
  • Re: Linux, BSD, and Unix are fundamentally insecure.
    ... >> An opensource consultant visited my workplace recently and was ... >> upstaged by my MCSEs. ... >> sales call to the owner of the company who decided to see a demo of ... that they did not show anything except that physical access security is ...
    (comp.unix.bsd.openbsd.misc)