[scg-sec] attacks re: telnet issue
Wendy Garvin
wgarvin at cisco.com
Mon Aug 30 00:06:14 EDT 2004
Folks,
There have been a few scattered stories of attacks on the telnet issue we
announced last week. You all already know how to protect yourselves, and I'm
sure the few places you didn't have VTY ACLs you do now.
If any of you are logging source addresses from hits on those vty ACLs to
port 23 and would feel comfortable sharing them, I'd like to track them back
to see if we're getting hit from owned addresses, a particular group of
addresses associated with a particular crew, or anything similar. If you
forward me this type of information, please let me know if I need to
sanitize it at all to share it with folks like Team Cymru. Any trends or
reports I get out of this I will share with all of you.
Thanks,
-Wendy
--
Wendy Garvin - Cisco PSIRT - 408 525-1888 CCIE# 6526
----------------------------------------------------
http://www.cisco.com/go/psirt
More information about the scg-sec
mailing list