[Full-Disclosure] Network Security in India
me.morris at gmail.com
Tue Nov 23 21:33:00 GMT 2004
I had a brief stint Primus Telecom in delhi ( www.primus-direct.com).
It has a flat network with absolutely no security. The routers as as
vulnerable to any known exploit and the same applies to a few web
servers they host. The basics such as patch management is never taken
This mail doesnot intend to harm any one but i want to know is this
the way major ISP around the globe function.
The company functions on illegal frequencies (Primus's major customers
connect through RF links). I have the proofs to show that they do
function on frequencies not allocated to them and during routine check
ups by the DoT ( Department of Telecommunications Govt. of India) They
have to change the frequency for a while and do favors to the Govt.
Employees to keep the business going.
Well this is not my concern but somehow this seems unhealthy. Is this
a practise worldwide.
During my interview with a company major i insisted on my security
conern but the company was least bothered.
Would someone tell me is this the way the whole industry functions.
Inspite of reminders to the company that any lamer has the potential
to run them out of business by bringing their whole network down
within a few min( which includes the ETBwmgr , the netcache box or
even the main router(7500 series with a backup)) has been given a deaf
Is this the way a ISP with important clients in the pvt and the govt
key sectors functions.
I personally doubt the future.
Is Primus listening. Its time to wake up.
(FROM LINKS TO LINKS WE ARE ALL LINKED)
Full-Disclosure is hosted and sponsored by Secunia.