is my network secure?

Discussion in 'Computer Security' started by Fred, Nov 27, 2005.

  1. Fred

    Fred Guest

    My network is set up as below;

    Could anyone advise as to whether there is anything else I could do to
    enhance security?

    Bexhill Road 217.204.190.13 - Easynet. ADSL Username is
    , Password tungau87 Tel 0800 053 4343

    Churchfields 81.174.162.232 - Plusnet. ADSL Username is
    password orange. Contact via www.plus.net
    <http://www.plus.net/>

    Hove 80.229.37.79 - Plusnet. ADSL Username is
    password orange. Contact via www.plus.net
    <http://www.plus.net/>



    External POP3 (email) server mail.demon.net username
    stamco password rtrv4GL



    FTP Addresses (Web-sites) ukupload.demon.net username stamco
    password rtrv4GL (Main stamco.co.uk site)

    ftp.plus.net
    <ftp://ftp.plus.net/> username stamco password orange
    (stamcoshop.co.uk site)



    Internal routers;



    Bexhill Road 192.168.1.248 Telnet/SSH;
    Username kcceng password kcc123

    Bexhill Road ADSL 192.168.254.254 Internet Explorer;
    Direct connection

    Churchfields 192.168.2.248 Telnet/SSH;
    Username kcceng password kcc123

    Churchfields ADSL 192.168.2.247 Internet Explorer;
    blank username password orange

    Hove 192.168.3.248 Telnet/SSH; Username
    kcceng password kcc123

    Hove ADSL 192.168.2.247 Internet Explorer;
    blank username password orange



    Servers;



    STAMCO_ONE administrator
    orange

    STAMCO_TS1 administrator
    orange

    Email/Intranet (192.168.1.1) admin
    orange (connect either via telnet or http://192.168.1.1:10000
    <http://192.168.1.1:10000/> ) - This also controls DHCP

    Phone Stats database (192.168.1.244) root
    orange (connect via telnet or http://192.168.1.244:10000
    <http://192.168.1.244:10000/> ) - Also has redundant DHCP server

    K8 (192.168.1.249) kccs
    5t4mc0123 or root sta0098

    KPRINT kccs
    kcc123
    Fred, Nov 27, 2005
    #1
    1. Advertising

  2. Fred

    Jim Watt Guest

    On Sun, 27 Nov 2005 04:52:37 -0000, "Fred" <>
    wrote:

    >Could anyone advise as to whether there is anything else I could do to
    >enhance security?


    change all the passwords you have posted.

    are you mad, or is that someone else's network.


    --
    Jim Watt
    http://www.gibnet.com
    Jim Watt, Nov 27, 2005
    #2
    1. Advertising

  3. Fred

    Guest

    Fred <> wrote:
    > My network is set up as below;
    >
    > Could anyone advise as to whether there is anything else I could do to
    > enhance security?
    >
    > Bexhill Road 217.204.190.13 - Easynet. ADSL Username is
    > , Password tungau87 Tel 0800 053 4343


    What kind of joke is this? Someone trying to take out one of their
    enemies?

    Joachim
    , Nov 27, 2005
    #3
  4. The Accounts are all real.... holy shit...

    are you high? omfg!
    --
    MFG
    Christian Fuß, replica-solutions.de
    ( Linux, Poetry, Community 4 everyone, International German/English )
    =?iso-8859-1?q?Christian_Fu=DF?=, Nov 27, 2005
    #4
  5. Fred

    martin Guest

    Christian Fuß wrote:
    > The Accounts are all real.... holy shit...
    >
    > are you high? omfg!


    the web site is still up and looks untouched. Was the FTP address u/n
    p/w valis as well? I can't look from the UK because of the computer
    misuse act lol. It's a business site!

    lol My bet is a manager who was just fired
    martin, Nov 27, 2005
    #5
  6. Fred

    Jim Watt Guest

    On Sun, 27 Nov 2005 20:05:02 +0000, martin <> wrote:

    >Christian Fuß wrote:
    >> The Accounts are all real.... holy shit...
    >>
    >> are you high? omfg!

    >
    >the web site is still up and looks untouched. Was the FTP address u/n
    >p/w valis as well? I can't look from the UK because of the computer
    >misuse act lol. It's a business site!
    >
    >lol My bet is a manager who was just fired


    If so he deserves to be, and worse.

    However, looking at their wensite it seems they had a problem with
    a spammer using their address, so maybe this is his way of 'paying
    them back'

    I've notified them, the rest is their problem. Dunno how hot the
    Sussex police are on computer crime, but if you live in the UK
    I'd refrain from trying any of those uid's
    --
    Jim Watt
    http://www.gibnet.com
    Jim Watt, Nov 27, 2005
    #6
  7. Fred

    martin Guest

    Jim Watt wrote:
    > On Sun, 27 Nov 2005 20:05:02 +0000, martin <> wrote:
    >
    >
    >>Christian Fuß wrote:
    >>
    >>>The Accounts are all real.... holy shit...
    >>>
    >>>are you high? omfg!

    >>
    >>the web site is still up and looks untouched. Was the FTP address u/n
    >>p/w valis as well? I can't look from the UK because of the computer
    >>misuse act lol. It's a business site!
    >>
    >>lol My bet is a manager who was just fired

    >
    >
    > If so he deserves to be, and worse.
    >
    > However, looking at their wensite it seems they had a problem with
    > a spammer using their address, so maybe this is his way of 'paying
    > them back'
    >
    > I've notified them, the rest is their problem. Dunno how hot the
    > Sussex police are on computer crime, but if you live in the UK
    > I'd refrain from trying any of those uid's


    I'm not going to even attempt to try the uid's, I AM going to be on the
    phone to them at 7:30 tomorrow when they open shop, might get a new
    client out of them :)

    I'm in Sussex, so they're almost local. I'll post back
    martin, Nov 27, 2005
    #7
  8. Fred

    Jim Watt Guest

    On Sun, 27 Nov 2005 22:07:23 +0000, martin <> wrote:

    >Jim Watt wrote:
    >> On Sun, 27 Nov 2005 20:05:02 +0000, martin <> wrote:
    >>
    >>
    >>>Christian Fuß wrote:
    >>>
    >>>>The Accounts are all real.... holy shit...
    >>>>
    >>>>are you high? omfg!
    >>>
    >>>the web site is still up and looks untouched. Was the FTP address u/n
    >>>p/w valis as well? I can't look from the UK because of the computer
    >>>misuse act lol. It's a business site!
    >>>
    >>>lol My bet is a manager who was just fired

    >>
    >>
    >> If so he deserves to be, and worse.
    >>
    >> However, looking at their wensite it seems they had a problem with
    >> a spammer using their address, so maybe this is his way of 'paying
    >> them back'
    >>
    >> I've notified them, the rest is their problem. Dunno how hot the
    >> Sussex police are on computer crime, but if you live in the UK
    >> I'd refrain from trying any of those uid's

    >
    >I'm not going to even attempt to try the uid's, I AM going to be on the
    >phone to them at 7:30 tomorrow when they open shop, might get a new
    >client out of them :)
    >
    >I'm in Sussex, so they're almost local. I'll post back


    You can mail me via the response form on my website,
    I used to live in Haywards Heath but escaped via LGW

    Checking the external addresses they are not responding so maybe
    someone has caught on already.
    --
    Jim Watt
    http://www.gibnet.com
    Jim Watt, Nov 28, 2005
    #8
  9. Fred

    Roy Penfold Guest

    Thanks for the attention on this guys,

    Our tripwire system picked up an intrusion attempt onto our main server and
    alerted me at 02:00 this morning.

    It loooks as though someone found a way into our network and discovered an
    email to our new network admin giving passwords etc.

    I have changed all passwords and am in the processof changing usernames/IP
    addressess.

    Log files are being sent to Sussex Police. As a result of this, I would
    recommend not attempting to connect on any of the IPs listed.

    Many thanks for you attention on this guys.

    Roy Penfold
    IT Manager
    STAMCO Timber
    "Jim Watt" <_way> wrote in message
    news:...
    > On Sun, 27 Nov 2005 22:07:23 +0000, martin <> wrote:
    >
    >>Jim Watt wrote:
    >>> On Sun, 27 Nov 2005 20:05:02 +0000, martin <> wrote:
    >>>
    >>>
    >>>>Christian Fuß wrote:
    >>>>
    >>>>>The Accounts are all real.... holy shit...
    >>>>>
    >>>>>are you high? omfg!
    >>>>
    >>>>the web site is still up and looks untouched. Was the FTP address u/n
    >>>>p/w valis as well? I can't look from the UK because of the computer
    >>>>misuse act lol. It's a business site!
    >>>>
    >>>>lol My bet is a manager who was just fired
    >>>
    >>>
    >>> If so he deserves to be, and worse.
    >>>
    >>> However, looking at their wensite it seems they had a problem with
    >>> a spammer using their address, so maybe this is his way of 'paying
    >>> them back'
    >>>
    >>> I've notified them, the rest is their problem. Dunno how hot the
    >>> Sussex police are on computer crime, but if you live in the UK
    >>> I'd refrain from trying any of those uid's

    >>
    >>I'm not going to even attempt to try the uid's, I AM going to be on the
    >>phone to them at 7:30 tomorrow when they open shop, might get a new
    >>client out of them :)
    >>
    >>I'm in Sussex, so they're almost local. I'll post back

    >
    > You can mail me via the response form on my website,
    > I used to live in Haywards Heath but escaped via LGW
    >
    > Checking the external addresses they are not responding so maybe
    > someone has caught on already.
    > --
    > Jim Watt
    > http://www.gibnet.com
    Roy Penfold, Nov 28, 2005
    #9
  10. Fred

    martin Guest

    Roy Penfold wrote:
    > Thanks for the attention on this guys,
    >
    > Our tripwire system picked up an intrusion attempt onto our main server and
    > alerted me at 02:00 this morning.
    >
    > It loooks as though someone found a way into our network and discovered an
    > email to our new network admin giving passwords etc.
    >
    > I have changed all passwords and am in the processof changing usernames/IP
    > addressess.
    >
    > Log files are being sent to Sussex Police. As a result of this, I would
    > recommend not attempting to connect on any of the IPs listed.
    >
    > Many thanks for you attention on this guys.
    >
    > Roy Penfold
    > IT Manager
    > STAMCO Timber


    doh!
    martin, Nov 28, 2005
    #10
  11. Fred

    Donnie Guest


    > It loooks as though someone found a way into our network and discovered an
    > email to our new network admin giving passwords etc.
    >

    ##############################
    New admin? What happened to the old admin?
    donnie.
    Donnie, Nov 29, 2005
    #11
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. KerplunKuK

    Secure and non secure warnings

    KerplunKuK, Aug 24, 2004, in forum: Computer Support
    Replies:
    8
    Views:
    542
    Blinky the Shark
    Aug 24, 2004
  2. Miss Mary
    Replies:
    1
    Views:
    1,454
    sean.archer
    Sep 21, 2007
  3. Replies:
    0
    Views:
    578
  4. Replies:
    0
    Views:
    650
  5. cade

    Secure Auditor secure your windows

    cade, Apr 28, 2008, in forum: Computer Security
    Replies:
    0
    Views:
    491
Loading...

Share This Page