Broadband users felled by US fault

greenspun.com : LUSENET : Grassroots Information Coordination Center (GICC) : One Thread

Broadband users felled by US fault

Tuesday 03 July, 2001 By BARRY PARK

FAILURES: Hardware faults caused two significant problems for broadband Internet users last week. Cable broadband Internet service Optus@Home was hit by slow or nonexistent international links during peak periods on Wednesday and Thursday after a fault occurred in a router component in the US.

The company had to switch to slower backup links to keep its customers connected while the fault was fixed. The company said it was complicated by the the failure being based offshore.

Meanwhile, a hardware failure in a Telstra server in the Kent Street, Sydney, exchange took out some BigPond users in Sydney and northern NSW on Thursday.

A Telstra spokesman said the server suffered an unknown hardware failure and had to be replaced by technicians, affecting the service for most of the day.

SECURED: Telstra announced last week that it was tightening security on its proxy cache service.

The company issued an announcement saying security measures being introduced on the proxies, which theoretically could be used as an anonymous stepping stone for crackers, included the addition of temporary access controls.

"Other more efficient methods are being investigated and tested to ensure that these measures are transparent to BPD (BigPond Direct) customers," the company said.

EXPOSED: A Cisco router has become the latest subject of a security advisory from the international network security watchdog.

The CERT advisory said an attacker could use a defined number of URLs to trip up the Cisco IOS systems using local authentication databases with the Web server enabled - normally enabled on switches by default.

CERT said the router was not vulnerable to the attack if it was using the Terminal Access Controller Access Control System (TACACS+) or Radius authentication systems.

More information is available from www.cisco.com/warp/public/707/IOShttplevelpub.html.

Cisco also revealed it was patching a multiple SSH (Secure Shell) vulnerability in three of its product lines.

An advisory from the company said the SSH exploit was inherent to the SSH protocol version 1.5, which is implemented in several Cisco products, including all devices running Cisco IOS software supporting SSH, plus routers and switches running Cisco IOS, Catalyst 6000 switches running CatOS, and Cisco PIX Firewall.

More information is at www.cisco.com/warp/public/707/SSHmultiplepub.html.

Meanwhile, CERT has issued a separate warning about an asyet unpatched print daemon buffer overflow that leaves Solaris systems vulnerable to attack.

The overflow, which at this stage can be prevented only by effectively shutting the daemon down, allows an attacker to run code at the permission level of the daemon, run as root by default.

Systems affected include Solaris 2.6 for SPARC, Solaris 2.6 x86, Solaris 7 for SPARC, Solaris 7 x86, Solaris 8 for SPARC and Solaris 8 x86.

More information on the exploit can be found at xforce.iss.net/alerts/advise80.php.

http://it.mycareer.com.au/opinion/networkpawn/2001/07/03/FFXVFWU4NOC.html

-- Martin Thompson (mthom1927@aol.com), July 02, 2001


Moderation questions? read the FAQ