[AusNOG] Traffic from Optus and Telstra CPE addresses
Mark Newton
newton at atdot.dotat.org
Tue Mar 4 21:19:00 EST 2014
On 4 Mar 2014, at 4:03 pm, Jeremy Visser <jeremy at visser.name> wrote:
> In my case the casualty was a NetComm NB604n, which I understand to have had remote admin enabled on port 80. (!!!)
Oh look, another massive distributed attack that'd be prevented if ISPs implemented selectable connection blocking ACLs that could be pushed out to their customer edge in their Radius responses based on preferences indicated by users via toolbox settings. IF ONLY someone had thought of that.
Wait a minute, some ISPs have already done it, and won't have thousands of compromised customers spraying crap into everyone's firewall logs, and won't have to waste the next 3 months of helpdesk time on cleaning up the mess. It's almost as if they saw this one coming. And the next one. And the next one. And the one after that.
I wonder if the Telstras and Optuses of the world could learn a thing or two?
- mark
More information about the AusNOG
mailing list