Re: [AusNOG] Risks to country and business infrastructure
The world was much simpler when ISP's could just print Invoices direct to customer printers on Windows 95 dialup connections.. On Thu, 12 Sep 2019 at 08:20, Matt Palmer wrote: > On Wed, Sep 11, 2019 at 10:25:49PM +1000, Andras Toth wrote: > > This is the same as saying it's Amazon's fault that people make their S3 > > buckets public and information gets exposed. > > Misconfigure it once, shame on you. Misconfigure it 1,000 times, shame on > the system. > > Also, AWS have been doing things to make it harder to blow your foot off in > the specific case of accidentally-public S3 buckets, which presumably > wouldn't have happened if there wasn't at least a semi-plausible case to be > made that it *was*, at least partially, Amazon's fault. > > - Matt > > ___ > AusNOG mailing list > AusNOG@lists.ausnog.net > http://lists.ausnog.net/mailman/listinfo/ausnog > ___ AusNOG mailing list AusNOG@lists.ausnog.net http://lists.ausnog.net/mailman/listinfo/ausnog
Re: [AusNOG] Risks to country and business infrastructure
On Wed, Sep 11, 2019 at 10:25:49PM +1000, Andras Toth wrote: > This is the same as saying it's Amazon's fault that people make their S3 > buckets public and information gets exposed. Misconfigure it once, shame on you. Misconfigure it 1,000 times, shame on the system. Also, AWS have been doing things to make it harder to blow your foot off in the specific case of accidentally-public S3 buckets, which presumably wouldn't have happened if there wasn't at least a semi-plausible case to be made that it *was*, at least partially, Amazon's fault. - Matt ___ AusNOG mailing list AusNOG@lists.ausnog.net http://lists.ausnog.net/mailman/listinfo/ausnog
Re: [AusNOG] Risks to country and business infrastructure
The person that got access to their system was not an AWS employee when the breach happened. The person got access via a misconfigured server/system that wasn't Amazon's fault. See the original court case for details: http://regmedia.co.uk/2019/07/29/capital_one_paige_thompson.pdf This is the same as saying it's Amazon's fault that people make their S3 buckets public and information gets exposed. Andras On Wed, Sep 11, 2019 at 12:26 PM Chad Kelly wrote: > On 9/11/2019 12:00 PM, ausnog-requ...@lists.ausnog.net wrote: > > > When someone questions whether this-or-that was predicted, this seems > most > > likely to indicate either the plausibility of the threat, or which side > of > > a closed door the questioner was on when the discussions were held. > > I'd worry less about people placing explosives in servers and more about > making sure that proper checks are in place for the people with access > to information. > > > AWS is a good example of this, they really need to lift their game. > > Stuff like the Capital One incident just shouldn't happen and as a > result of that I am not recommending AWS to any of our customers. > > That isn't the only reason, but the fact Capital One are still with AWS > after that incident scares me a little, if I was them I would of dumped > them as a vendor immediately. > > Basically Datacentres and network operators need to force all staff to > undergo regular checks particularly when dealing with sensitive info. > > I also am aware that the Capital One case isn't Australian, but it is > still a good example of why providers need to keep an eye on who has > access to certain info. > > > -- > Chad Kelly > Manager > CPK Web Services > Phone 03 5273 0246 > Web www.cpkws.com.au > > ___ > AusNOG mailing list > AusNOG@lists.ausnog.net > http://lists.ausnog.net/mailman/listinfo/ausnog > ___ AusNOG mailing list AusNOG@lists.ausnog.net http://lists.ausnog.net/mailman/listinfo/ausnog
[AusNOG] NAB internet banking scam using AU mobile DIDs
Hi, There's a NAB online banking scam sending SMS messages with a URL to a .services domain which poses as NAB Internet Banking. "NAB Alert - We have detected a potential issue and blocked your internet banking. Please visit to confirm your device." If you are the telco with these DIDs, please turn your customer off: +61 4343 72837 +61 4226 14360 I can provide the messages we're seeing if required. Thanks Darren. ___ AusNOG mailing list AusNOG@lists.ausnog.net http://lists.ausnog.net/mailman/listinfo/ausnog
Re: [AusNOG] Came across this
Maybe I do, maybe I dont. On Wed, 11 Sep 2019 at 4:47 pm, Scott Weeks wrote: > > You just have to keep telling me until I do. > > scott > > > > --- b...@bradleyamm.com wrote: > > From: Bradley Amm > To: Matthew Moyle-Croft > Cc: ausnog mailing list > Subject: Re: [AusNOG] Came across this > Date: Wed, 11 Sep 2019 11:39:03 +0800 > > I'd tell you a joke about UDP but you might not get it > > > On Wed, Sep 11, 2019 at 11:29 AM Matthew Moyle-Croft > wrote: > > > Yeah. Sorry, it was a UDP joke, possibly not a good one. > > > > On Wed, Sep 11, 2019 at 12:20 PM Matt Perkins > > wrote: > > > >> That's likely cause Michael Was running the whole thing of "term" ;) > >> > >> matt > >> > >> > >> On 11/9/19 9:11 am, Matthew Moyle-Croft wrote: > >> > >> "iiNet are apparently offering accounts for a flat fee of $25 per month. > >> They provide news, mail, telnet, ftp, and irc, but have no UDP support > at > >> the moment." > >> Did they respond about UDP support at all? > >> MMC > >> > >> On Wed, Sep 11, 2019 at 12:50 AM Matt Perkins > >> wrote: > >> > >>> Came across this link http://www.rogerclarke.com/II/zik.faq.9403.html > >>> Good to see many of us old buggers still around and thoughts are with > >>> the ones on the list that are not. > >>> > >>> > >>> Matt. > >>> > >>> > >>> ___ > >>> AusNOG mailing list > >>> AusNOG@lists.ausnog.net > >>> http://lists.ausnog.net/mailman/listinfo/ausnog > >>> > >> > >> -- > >> /* Matt Perkins > >> Direct 02 8916 8101Spectrum Networks Ptd. Ltd. > >> Office 1300 133 299m...@spectrum.com.au > >>Level 6, 350 George Street Sydney > 2000 > >> Spectrum Networks is a member of the Communications Alliance & > TIO > >> */ > >> > >> ___ > > AusNOG mailing list > > AusNOG@lists.ausnog.net > > http://lists.ausnog.net/mailman/listinfo/ausnog > > > > > -- > Bradley Amm > 0420 501 801 > > > ___ > AusNOG mailing list > AusNOG@lists.ausnog.net > http://lists.ausnog.net/mailman/listinfo/ausnog > > > ___ > AusNOG mailing list > AusNOG@lists.ausnog.net > http://lists.ausnog.net/mailman/listinfo/ausnog > -- Jason Reid ___ AusNOG mailing list AusNOG@lists.ausnog.net http://lists.ausnog.net/mailman/listinfo/ausnog
[AusNOG] Cable cuts near Japan
Hey All, Does anyone know anything about the cable cuts in the Japan region? We are seeing latency, congestion and fairly suboptimal paths via a couple of carriers who are trying to route around it. David Hooton Founder | Ordnance Cloud Scale, Carrier Grade AU Cell: +61 415 850 000 US Voice: +1 415 347 9010 Twitter: @dave_hooton Web: ordnance.co ___ AusNOG mailing list AusNOG@lists.ausnog.net http://lists.ausnog.net/mailman/listinfo/ausnog
[AusNOG] NAB internet banking scam using AU mobile DIDs
Hi Noggers, There's a NAB online banking scam sending SMS messages with a URL to a .services domain which poses as NAB Internet Banking. "NAB Alert - We have detected a potential issue and blocked your internet banking. Please visit to confirm your device." If you are the telco with these DIDs, please turn your customer off: +61 4343 72837 +61 4226 14360 I can provide the messages we're seeing if required. Thanks Darren. ___ AusNOG mailing list AusNOG@lists.ausnog.net http://lists.ausnog.net/mailman/listinfo/ausnog
Re: [AusNOG] Came across this
You just have to keep telling me until I do. scott --- b...@bradleyamm.com wrote: From: Bradley Amm To: Matthew Moyle-Croft Cc: ausnog mailing list Subject: Re: [AusNOG] Came across this Date: Wed, 11 Sep 2019 11:39:03 +0800 I'd tell you a joke about UDP but you might not get it On Wed, Sep 11, 2019 at 11:29 AM Matthew Moyle-Croft wrote: > Yeah. Sorry, it was a UDP joke, possibly not a good one. > > On Wed, Sep 11, 2019 at 12:20 PM Matt Perkins > wrote: > >> That's likely cause Michael Was running the whole thing of "term" ;) >> >> matt >> >> >> On 11/9/19 9:11 am, Matthew Moyle-Croft wrote: >> >> "iiNet are apparently offering accounts for a flat fee of $25 per month. >> They provide news, mail, telnet, ftp, and irc, but have no UDP support at >> the moment." >> Did they respond about UDP support at all? >> MMC >> >> On Wed, Sep 11, 2019 at 12:50 AM Matt Perkins >> wrote: >> >>> Came across this link http://www.rogerclarke.com/II/zik.faq.9403.html >>> Good to see many of us old buggers still around and thoughts are with >>> the ones on the list that are not. >>> >>> >>> Matt. >>> >>> >>> ___ >>> AusNOG mailing list >>> AusNOG@lists.ausnog.net >>> http://lists.ausnog.net/mailman/listinfo/ausnog >>> >> >> -- >> /* Matt Perkins >> Direct 02 8916 8101Spectrum Networks Ptd. Ltd. >> Office 1300 133 299m...@spectrum.com.au >>Level 6, 350 George Street Sydney 2000 >> Spectrum Networks is a member of the Communications Alliance & TIO >> */ >> >> ___ > AusNOG mailing list > AusNOG@lists.ausnog.net > http://lists.ausnog.net/mailman/listinfo/ausnog > -- Bradley Amm 0420 501 801 ___ AusNOG mailing list AusNOG@lists.ausnog.net http://lists.ausnog.net/mailman/listinfo/ausnog ___ AusNOG mailing list AusNOG@lists.ausnog.net http://lists.ausnog.net/mailman/listinfo/ausnog