[svlug] Intrusion detected: What's the best response
Karen Shaeffer
shaeffer at neuralscape.com
Mon Jun 9 13:11:36 PDT 2014
On Mon, Jun 09, 2014 at 09:37:06AM +0100, Sanatan Rai wrote:
> Hi All,
> Yesterday, my router was hacked.
>
> The router's logs are terrible, not much information there.
> However, I am sure that there was an intrusion because the router
> permits only one login as admin irrespective of protocol
> (telnet/https). When I tried to log in last night, the login was
> rejected saying that the admin was already logged in from an IP which
> I later traced as being in China.
>
> My response was to disconnect the router from the phone line, so I
> am no longer connected to the internet at home (this email is being
> written at work).
>
Hi Sanatan,
Be aware, it is common practice today for sophisticated corporate attacks to
begin by cracking employees. Then they get inside the corporate network
via the employee. I suggest it is prudent to think about that possibility.
enjoy,
Karen
--
Karen Shaeffer
Neuralscape Services
Be aware: If you see an obstacle in your path, that obstacle is your path. Zen proverb