Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: heads up ... another imapd attack source

  • From: Craig A. Huegen
  • Date: Tue Dec 15 01:26:25 1998

You will find this same situation with most cable modem providers
who give out "wingate" to users.  There is a certain cable modem
provider who has significant amounts of open wingates on their network,
capable of being used from the outside.

Nothing is being done to close these, though, until they're abused.
Scanning for them is considered a 'breach of privacy' (rather than a
security assessment) and unfortunately allows people day after day to
abuse other systems with a very difficult-to-trace open relay.

I've been told that newer versions of wingate handed out by these
providers have disabled open relaying from the outside; however,
users can (and do) play and can easily misconfigure them to allow
access from anywhere.

/cah

On Mon, Dec 14, 1998 at 04:53:30PM -0700, Christian Nielsen wrote:

==>But, to this day, they still have an open relay on their cable modem network
==>that allows script kiddies from around the world to use them(1). 




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.