RE: login attempt admin/password

From: Bill Lavalette <blavalet_at_nospam>
Date: Mon Dec 10 2007 - 17:05:36 GMT
To: <focus-ids@securityfocus.com>

do you have a Netgear router?
If so is the default password still on the router

If answer = no for A) or B) you do not have a threat from what I can see..

Additionally If you see this sig in your logs it could be from attempts on the router if you have one. or it could be someone scanning for such router in either case if you do not have this device on your network I would not worry about it.

Kind Regards,

Bill

HomeNet Security ======== Bill Lavalette -- Network Security Officer CCSA-CCSE Crisis Migitator ID Theft Prevention Mentor WWW http://www.homenet-security.com
Defending The Home LAN

-----Original Message-----
From: listbounce@securityfocus.com
[mailto:listbounce@securityfocus.com]On Behalf Of tyrian2uk@yahoo.co.uk Sent: Saturday, December 08, 2007 3:52 AM To: focus-ids@securityfocus.com
Subject: login attempt admin/password

WEB-INSC NetGear router Default password login attempt admin/password i see this signature detect by IDS how do i check if it is a threat or not ?
external ip:1710 -> internal IP:80

Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=in tro_sfw
to learn more.

Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more.

This message: [ Message body ]
Next message: Jeremy Bennett: "Re: Recommended IPS signature set"
Previous message: Ravi Chunduru: "SSL - Man-in-the-Middle filtering"
In reply to: tyrian2uk_at_nospam: "login attempt admin/password"
Next in thread: Seth: "Re: login attempt admin/password"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]