Wednesday, 16 June 2010

Protecting against vulnerabilities causes vulnerabilities... Or why Orange should change their passwords

After the French introduced a policy of kicking peer-to-peer users off the internet, Orange (for just 2 Euro's a month) offered to block anyone from using peer-to-peer on your network.

Great for customers who don't want their users getting up to things they shouldn't... unless Orange uses a server than can be accessed from the internet and keeps the default user-name and password 'admin'.

One user signed up to this deal ran Wireshark on his PC and noticed software communicating with IP 195.146.235.67. Wireshark is a decent network fault finding tool that can be downloaded here. Putting the IP into a browser followed by /status brought up every Orange customer who used the software's IP address. But there's more... using the logon and password of 'admin' users have discovered it is possible to send malware to the computers that Orange's software is supposed to be protecting.

No comments: