Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: what are these?

From: imrang () BTINTERNET COM (Imran Ghory)
Date: Tue, 21 Mar 2000 23:26:13 -0000

On 16 Mar 00, at 23:29, Dirk Koopman wrote:


What are generating these and why do they (mostly) seem to come from
btinternet.com (sidebar - why don't BT ever bother to answer my
questions)?


(Speaking as BTInternet customer and mantainer of an unofficial BTInternet
FAQ)

BTInternet is going through security problems, becuase since BTInternet
have started offering free phone call access 78 hours a week their customers
have been subject to more hack attempts then normal.

In the BTInternet internal newsgroups people on Dial-ups are reporting
several port scans a hour as "usual", BTInternet have been trying to stop
account stealing by freezing multiple login accounts, but at one point last
year it got so bad that BTInternet had to reset a large amount of user
accounts resetting the passwords all to one password.

Also some accounts are identifying themselves as BTInternet account when
infact they are not, this is because BTInternet share a dial-up platform with
Lineone(a Free ISP) and sometimes Lineone users get BTInternet IPs. I
believe BTInternet are currently trying to stop this.

It may be worth noting that at least one "anti-abuse" site has blacklisted
Lineone.

These problems and several others mean that BTInternet's abuse team seem
to be lagging behind on following up abuse reports. If it's important I believe a
whois on the btinternet.com domain gives a phone number for BTInternet
Abuse.

Imran Ghory

--
Sign the Linux Driver Petition
http://www.libranet.com/petition.html

BTInternet FAQ V2 (Unofficial)
http://redrival.com/btifaq/
Previous By Date Next
Previous By Thread Next

Current thread: