Welcome to cissp CISSP training Certified Information Systems Security Professional
Search
Nickname Password Security Code Security Code Type Security Code  

You are certified but are your qualified? Become qualified today.

Rated #1 Training

Library of Documents

Forum Postings

CISSP's Blogs

Recommended Podcasts

MISC Menu

Security Books

Surveys

Where do you find the best price for books?

Amazon.Com
Bookpool.Com
The ISC2 webstore
CISSPS.COM
Cheapbooks.com
Ecampus.com
Other (Please leave a comment with name of site)



Results
Polls

Votes: 1314
Comments: 33

Top10 Links

Top10 Downloads

Who's Online

There are currently, 87 guest(s) and 25 member(s) that are online.

You are Anonymous user. You can register for free by clicking here

Training Classes Calendar

Test of Widget

 

Used device bought on Ebay allowed full remote VPN access
Posted on Monday, 29 September 2008 @ 21:01:59 EDT
Contributed by boss | Topic: Vulnerabilities

NOTE FROM CLEMENT:

We do get trained on remnants left of storage devices and how to sanitize them before reusing them for other purposes, however it seems the training should include sanitizing devices as well.  See a great story below from the UK below, I am sure we could do just as well in the states:

A security expert discovered a VPN device bought on Ebay automatically connected to a local council's confidential servers.

Andrew Mason bought the Cisco VPN 3002 Concentrator - a device on which he has written a tutorial book - on Ebay for only 99 pence, with the intention of using it at work.

However, when he plugged it in it automatically connected him directly to Kirklees Council's central servers, circumventing security with the login details which had been carelessly left on the device.

"It instantly connected me, and I had full network access," explains Mason. "I understand the law extremely well and at that point disconnected," adds the intrusion-detection professional.

Despite contacting the council about the matter, no action was taken. "They ignored me at first," says Mason, before explaining that following coverage on the BBC website, access from the device has been shut off.

He admits that there could well be more devices out there, from which access is still possible, and exceedingly simple. "The whole selling point of the device was that it was extremely easy to configure. It's pretty horrific really," says Mason.

The council says it is "deeply concerned" by the news, but is confident that "multiple layers of security have prevented access to systems and data."

"In the meantime the disposal process has been suspended until an investigation can be carried out and appropriate action taken," says a council spokesman.

 

Login

Nickname

Password

Security Code:
Security Code
Type Security Code

Don't have an account yet? You can create one. As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.

Related Links

Article Rating

Average Score: 0
Votes: 0

Please take a second and vote for this article:

Excellent
Very Good
Good
Regular
Bad

Options

"Used device bought on Ebay allowed full remote VPN access" | Login/Create an Account | 13 comments | Search Discussion
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register

Re: Used device bought on Ebay allowed full remote VPN access (Score: 1)
by boss on Tuesday, 30 September 2008 @ 12:42:02 EDT
(User Info | Send a Message) http://www.cccure.org

Here is a comment that was posted by Andrew Mason himself, I am reposting as there was some junk that was submitted in the thread first from some spammers.

Here is Andrew's message:
Re: Used device bought on Ebay allowed full remote VPN access

by masontech on Tuesday, September 30 @ 08:12:10 EDT
User Info

Yep, couldn't believe my eyes when I turned it on.

BTW, I am Andrew Mason from www.mindcert.com.




Re: Used device bought on Ebay allowed full remote VPN access (Score: 1)
by al7orya on Friday, 30 October 2009 @ 05:21:27 EDT
(User Info | Send a Message)

<a href=" http://www.al7orya.com/book/indexcat-21.html/">طبيخ</a [www.al7orya.com]>
<a href=" http://www.al7orya.com/book/indexcat-21.html/">كتب [www.al7orya.com] وصفات اكل شهية</a>
<a href=" http://www.al7orya.com/book/indexcat-21.html/">أكل [www.al7orya.com] وحلويات وكتب للمطبخ</a>
<a href=" http://www.al7orya.com/book/indexcat-22.html/">كتب [www.al7orya.com] وابحاث ودراسات حول اليهودية و النصرانية</a>
<a href=" http://www.al7orya.com/book/indexcat-22.html/">دراسات [www.al7orya.com] حول اليهودية </a>
<a href=" http://www.al7orya.com/book/indexcat-22.html/ [www.al7orya.com]"> النصرانية</a>
<a href=" http://www.al7orya.com/book/indexcat-23.html/">كتب [www.al7orya.com] زراعية وتربية دواجن وطيور ومشاريع</a>
<a href=" http://www.al7orya.com/book/indexcat-23.html/">تربية [www.al7orya.com] دواجن وطيور</a>
<a href=" http://www.al7orya.com/book/indexcat-23.html/">كتب [www.al7orya.com] زراعية</a>
<a href=" http://www.al7orya.com/vb/t19552.html#post100282/">حصريا [www.al7orya.com] 1000 صورة وفريم للفوتوشوب لتواقيع وشهادات التقدير صور png</a>
<a href=" http://www.al7orya.com/dl/add-site.html/">اضف [www.al7orya.com] موقعك</a>
<a href=" http://www.al7orya.com/dl/add-site.html/">اضافة [www.al7orya.com] موقعك</a>
<a href=" http://www.al7orya.com/dl/add-site.html/">موقعك</a [www.al7orya.com]&g

Read the rest of this comment...




Re: Used device bought on Ebay allowed full remote VPN access (Score: 1)
by al7orya on Friday, 30 October 2009 @ 05:22:08 EDT
(User Info | Send a Message)

<a href=" http://www.al7orya.com/vb/f90.html/">الطفل [www.al7orya.com] المسلم </a>
<a href=" http://www.al7orya.com/vb/f90.html/">الطفل [www.al7orya.com] الفلسطيني </a>
<a href=" http://www.al7orya.com/vb/f90.html/">مواضيع [www.al7orya.com] عن الطفولة </a>
<a href=" http://www.al7orya.com/vb/f90.html/">اناشيد [www.al7orya.com] الاطفال </a>
<a href=" http://www.al7orya.com/vb/f90.html/">الاطفال [www.al7orya.com] </a>
<a href=" http://www.al7orya.com/vb/f90.html/">الطفل [www.al7orya.com] العربي</a>
<a href=" http://www.al7orya.com/vb/f59.html/">قصص</a [www.al7orya.com]>
<a href=" http://www.al7orya.com/vb/f59.html/">قصص [www.al7orya.com] وروايات</a>
<a href=" http://www.al7orya.com/dl/">دليل [www.al7orya.com] مواقع </a>
<a href=" http://www.al7orya.com/dl/">دليل [www.al7orya.com] مواقع </a>
<a href=" http://www.al7orya.com/dl/">دليل [www.al7orya.com] مواقع </a>
<a href=" http://www.al7orya.com/dl/">دليل [www.al7orya.com] مواقع </a>
<a href=" http://www.al7orya.com/dl/">دليل [www.al7orya.com] مواقع </a>
<a href=" http://www.al7orya.com/dl/">دليل [www.al7orya.com] مواقع </a>
<a href=" http://www.al7orya.com/dl/">دليل [www.al7orya.com] مواقع </a>
<a href=" http://www.al7orya.com/vb/f71.html/">رجلا [www.al7orya.com] صنعوا التاريخ</a>
<a href=" http://www.al7orya.com/vb/f71.html/">رجال [www.al7orya.com] علما&#15

Read the rest of this comment...




Re: Used device bought on Ebay allowed full remote VPN access (Score: 1)
by al7orya on Friday, 30 October 2009 @ 05:23:33 EDT
(User Info | Send a Message)

<a href=" http://www.al7orya.com/dl/section-36.html/">دليل [www.al7orya.com] مواقع نسائية</a>
<a href=" http://www.al7orya.com/dl/section-36.html/">مواقع [www.al7orya.com] نسائية</a>
<a href=" http://www.al7orya.com/dl/section-37.html/">دليل [www.al7orya.com] الأطفال</a>
<a href=" http://www.al7orya.com/dl/section-37.html/">مواقع [www.al7orya.com] اطفال</a>
<a href=" http://www.al7orya.com/dl/section-38.html/">اناشيد</a [www.al7orya.com]>
<a href=" http://www.al7orya.com/dl/section-38.html/">دليل [www.al7orya.com] مواقع الاناشيد</a>
<a href=" http://www.al7orya.com/dl/section-40.html/">ترفيه [www.al7orya.com] وتهنئة</a>
<a href=" http://www.al7orya.com/dl/section-40.html/">بطاقات [www.al7orya.com] تهنئة</a>
<a href=" http://www.al7orya.com/dl/section-39.html/">دليل [www.al7orya.com] المأكولات والطبيخ</a>
<a href=" http://www.al7orya.com/dl/section-39.html/">مواقع [www.al7orya.com] طعام وحلويات</a>
<a href=" http://www.al7orya.com/dl/section-42.html/">العاب [www.al7orya.com] </a>
<a href=" http://www.al7orya.com/dl/section-42.html/">دليل [www.al7orya.com] مواقع الالعاب</a>
<a href=" http://www.al7orya.com/dl/section-41.html/">مواقع [www.al7orya.com] نكت وضحك</a>
<a href=" http://www.al7orya.com/dl/section-41.html/">دليل [www.al7orya.com] مواقع الترفيه</a>
<a href=" http://www.al7orya.com/dl/sec

Read the rest of this comment...




Re: Used device bought on Ebay allowed full remote VPN access (Score: 1)
by al7orya on Friday, 30 October 2009 @ 05:24:05 EDT
(User Info | Send a Message)

<a href=" http://www.al7orya.com/dl/section-36.html/">دليل [www.al7orya.com] مواقع نسائية</a>
<a href=" http://www.al7orya.com/dl/section-36.html/">مواقع [www.al7orya.com] نسائية</a>
<a href=" http://www.al7orya.com/dl/section-37.html/">دليل [www.al7orya.com] الأطفال</a>
<a href=" http://www.al7orya.com/dl/section-37.html/">مواقع [www.al7orya.com] اطفال</a>
<a href=" http://www.al7orya.com/dl/section-38.html/">اناشيد</a [www.al7orya.com]>
<a href=" http://www.al7orya.com/dl/section-38.html/">دليل [www.al7orya.com] مواقع الاناشيد</a>
<a href=" http://www.al7orya.com/dl/section-40.html/">ترفيه [www.al7orya.com] وتهنئة</a>
<a href=" http://www.al7orya.com/dl/section-40.html/">بطاقات [www.al7orya.com] تهنئة</a>
<a href=" http://www.al7orya.com/dl/section-39.html/">دليل [www.al7orya.com] المأكولات والطبيخ</a>
<a href=" http://www.al7orya.com/dl/section-39.html/">مواقع [www.al7orya.com] طعام وحلويات</a>
<a href=" http://www.al7orya.com/dl/section-42.html/">العاب [www.al7orya.com] </a>
<a href=" http://www.al7orya.com/dl/section-42.html/">دليل [www.al7orya.com] مواقع الالعاب</a>
<a href=" http://www.al7orya.com/dl/section-41.html/">مواقع [www.al7orya.com] نكت وضحك</a>
<a href=" http://www.al7orya.com/dl/section-41.html/">دليل [www.al7orya.com] مواقع الترفيه</a>
<a href=" http://www.al7orya.com/dl/sec

Read the rest of this comment...




Re: Used device bought on Ebay allowed full remote VPN access (Score: 1)
by al7orya on Friday, 30 October 2009 @ 05:24:40 EDT
(User Info | Send a Message)

<a href=" http://www.al7orya.com/radio/">اذاعة [www.al7orya.com] عشاق الحور</a>
<a href=" http://www.al7orya.com/radio/">اذاعة [www.al7orya.com] اسلامية بث مباشر</a>
<a href=" http://www.al7orya.com/radio/">اذاعة [www.al7orya.com] من الاقصى والقدس</a>
<a href=" http://www.al7orya.com/radio/">اذاعات [www.al7orya.com] فلسطينية اسلامية</a>
<a href=" http://www.al7orya.com/group/">قروب [www.al7orya.com] ملتقيات عشاق الحور</a>
<a href=" http://www.al7orya.com/group/">قروب [www.al7orya.com] ملتقيات عشاق الحور</a>
<a href=" http://www.al7orya.com/group/">قروب [www.al7orya.com] ملتقيات عشاق الحور</a>
<a href=" http://www.al7orya.com/book/indexcat-17.html/">بحوث [www.al7orya.com] إسلامية</a>
<a href=" http://www.al7orya.com/book/indexcat-17.html/">بحوث [www.al7orya.com] إسلامية</a>
<a href=" http://www.al7orya.com/book/indexcat-18.html/">أبحاث [www.al7orya.com] اجتماعية وعائلية</a>
<a href=" http://www.al7orya.com/book/indexcat-18.html/">أبحاث [www.al7orya.com] اجتماعية وعائلية</a>
<a href=" http://www.al7orya.com/book/indexcat-19.html/">ابحاث [www.al7orya.com] جغرافية وبيئية</a>
<a href=" http://www.al7orya.com/book/indexcat-19.html/">ابحاث [www.al7orya.com] جغرافية وبيئية</a>
<a href="Read the rest of this comment...




Re: Used device bought on Ebay allowed full remote VPN access (Score: 1)
by al7orya on Friday, 30 October 2009 @ 05:24:41 EDT
(User Info | Send a Message)

<a href=" http://www.al7orya.com/radio/">اذاعة [www.al7orya.com] عشاق الحور</a>
<a href=" http://www.al7orya.com/radio/">اذاعة [www.al7orya.com] اسلامية بث مباشر</a>
<a href=" http://www.al7orya.com/radio/">اذاعة [www.al7orya.com] من الاقصى والقدس</a>
<a href=" http://www.al7orya.com/radio/">اذاعات [www.al7orya.com] فلسطينية اسلامية</a>
<a href=" http://www.al7orya.com/group/">قروب [www.al7orya.com] ملتقيات عشاق الحور</a>
<a href=" http://www.al7orya.com/group/">قروب [www.al7orya.com] ملتقيات عشاق الحور</a>
<a href=" http://www.al7orya.com/group/">قروب [www.al7orya.com] ملتقيات عشاق الحور</a>
<a href=" http://www.al7orya.com/book/indexcat-17.html/">بحوث [www.al7orya.com] إسلامية</a>
<a href=" http://www.al7orya.com/book/indexcat-17.html/">بحوث [www.al7orya.com] إسلامية</a>
<a href=" http://www.al7orya.com/book/indexcat-18.html/">أبحاث [www.al7orya.com] اجتماعية وعائلية</a>
<a href=" http://www.al7orya.com/book/indexcat-18.html/">أبحاث [www.al7orya.com] اجتماعية وعائلية</a>
<a href=" http://www.al7orya.com/book/indexcat-19.html/">ابحاث [www.al7orya.com] جغرافية وبيئية</a>
<a href=" http://www.al7orya.com/book/indexcat-19.html/">ابحاث [www.al7orya.com] جغرافية وبيئية</a>
<a href="Read the rest of this comment...




Re: Used device bought on Ebay allowed full remote VPN access (Score: 1)
by al7orya on Friday, 30 October 2009 @ 05:25:11 EDT
(User Info | Send a Message)


<a href=" http://www.al7orya.com/dl/section-2.html/">القرآن [www.al7orya.com] الكريم </a>
<a href=" http://www.al7orya.com/dl/section-3.html/">الحديث [www.al7orya.com] الشريف </a>
<a href=" http://www.al7orya.com/dl/section-4.html/">العلماء [www.al7orya.com] والدعاة </a>
<a href=" http://www.al7orya.com/dl/section-5.html/">الفرق [www.al7orya.com] والمذاهب والأديان </a>
<a href=" http://www.al7orya.com/dl/section-6.html/">المجلات [www.al7orya.com] والتسجيلات الإسلاميه </a>
<a href=" http://www.al7orya.com/dl/section-7.html/">الكتب [www.al7orya.com] الإسلامية </a>
<a href=" http://www.al7orya.com/dl/section-8.html/">الفتاوى [www.al7orya.com] </a>
<a href=" http://www.al7orya.com/dl/section-9.html/">الصوتيات [www.al7orya.com] الإسلامية </a>
<a href=" http://www.al7orya.com/dl/section-74.html/">مواقع [www.al7orya.com] البرامج </a>
<a href=" http://www.al7orya.com/dl/section-21.html/">مواقع [www.al7orya.com] كمبيوتر عامة </a>
<a href=" http://www.al7orya.com/dl/section-22.html/">اخبار [www.al7orya.com] ومجلات الكمبيوتر </a>
<a href=" http://www.al7orya.com/dl/section-23.html/">البرامج [www.al7orya.com] وانظمة التشغيل </a>
<a href=" http://www.al7orya.com/dl/section-24.html/">الرسم [www.al7orya.com] والتصميم - الجراف&#16

Read the rest of this comment...




Re: Used device bought on Ebay allowed full remote VPN access (Score: 1)
by al7orya on Friday, 30 October 2009 @ 05:25:20 EDT
(User Info | Send a Message)


<a href=" http://www.al7orya.com/dl/section-2.html/">القرآن [www.al7orya.com] الكريم </a>
<a href=" http://www.al7orya.com/dl/section-3.html/">الحديث [www.al7orya.com] الشريف </a>
<a href=" http://www.al7orya.com/dl/section-4.html/">العلماء [www.al7orya.com] والدعاة </a>
<a href=" http://www.al7orya.com/dl/section-5.html/">الفرق [www.al7orya.com] والمذاهب والأديان </a>
<a href=" http://www.al7orya.com/dl/section-6.html/">المجلات [www.al7orya.com] والتسجيلات الإسلاميه </a>
<a href=" http://www.al7orya.com/dl/section-7.html/">الكتب [www.al7orya.com] الإسلامية </a>
<a href=" http://www.al7orya.com/dl/section-8.html/">الفتاوى [www.al7orya.com] </a>
<a href=" http://www.al7orya.com/dl/section-9.html/">الصوتيات [www.al7orya.com] الإسلامية </a>
<a href=" http://www.al7orya.com/dl/section-74.html/">مواقع [www.al7orya.com] البرامج </a>
<a href=" http://www.al7orya.com/dl/section-21.html/">مواقع [www.al7orya.com] كمبيوتر عامة </a>
<a href=" http://www.al7orya.com/dl/section-22.html/">اخبار [www.al7orya.com] ومجلات الكمبيوتر </a>
<a href=" http://www.al7orya.com/dl/section-23.html/">البرامج [www.al7orya.com] وانظمة التشغيل </a>
<a href=" http://www.al7orya.com/dl/section-24.html/">الرسم [www.al7orya.com] والتصميم - الجراف&#16

Read the rest of this comment...




Re: Used device bought on Ebay allowed full remote VPN access (Score: 1)
by salah99 on Tuesday, 10 November 2009 @ 10:26:19 EST
(User Info | Send a Message)

نوكيا [forum.alamye.com] العاب [www.66z.com] صور سيارات - سيارات - اخبار السيارات [www.almuraba.net] منتدى السيارات [forum.almuraba.net] منتديات [www.rwa3.com] صدى الملاعب [www.0ff0.com] حواء [www.hawaaclub.com] العاب [www.66z.com] العاب مغامرات [www.p33p.com] العاب اطفال [www.p33p.com] العاب افلام كرتون [www.p33p.com] العاب سيارات [www.p33p.com] العاب سرعة العاب تركيز [www.p33p.com] العاب طيران و فضاء [www.p33p.com] العاب طريفة العاب مسلية [www.p33p.com] العاب منوعة العاب جميلة [www.p33p.com] العاب مكياج العاب ميك اب [www.p33p.com] العاب باربي [www.p33p.com] العاب اكشن [www.p33p.com] العاب دولز [www.p33p.com] العاب بازل العاب ذكاء [www.p33p.com] العاب تلبيس [www.p33p.com] العاب جديدة 2010 [www.p33p.com] العاب دراجات [www.p33p.com] العاب رياضية [www.p33p.com] العاب رسم وتلوين [www.p33p.com] العاب طبخ [www.p33p.com] العاب برا&#157

Read the rest of this comment...




Re: Used device bought on Ebay allowed full remote VPN access (Score: 1)
by salah99 on Tuesday, 10 November 2009 @ 10:26:27 EST
(User Info | Send a Message)

نوكيا [forum.alamye.com] العاب [www.66z.com] صور سيارات - سيارات - اخبار السيارات [www.almuraba.net] منتدى السيارات [forum.almuraba.net] منتديات [www.rwa3.com] صدى الملاعب [www.0ff0.com] حواء [www.hawaaclub.com] العاب [www.66z.com] العاب مغامرات [www.p33p.com] العاب اطفال [www.p33p.com] العاب افلام كرتون [www.p33p.com] العاب سيارات [www.p33p.com] العاب سرعة العاب تركيز [www.p33p.com] العاب طيران و فضاء [www.p33p.com] العاب طريفة العاب مسلية [www.p33p.com] العاب منوعة العاب جميلة [www.p33p.com] العاب مكياج العاب ميك اب [www.p33p.com] العاب باربي [www.p33p.com] العاب اكشن [www.p33p.com] العاب دولز [www.p33p.com] العاب بازل العاب ذكاء [www.p33p.com] العاب تلبيس [www.p33p.com] العاب جديدة 2010 [www.p33p.com] العاب دراجات [www.p33p.com] العاب رياضية [www.p33p.com] العاب رسم وتلوين [www.p33p.com] العاب طبخ [www.p33p.com] العاب برا&#157

Read the rest of this comment...




All logos and trademarks in this site are property of their respective owner.
The comments are property of their posters, all the rest © 2007 by CCCure.Org, and the site maintainers Clement Dupuis and Nathalie Lambert. Reuse is strictly prohibited without written permission of CCCure.Org or it's maintainers.

This web site is not associated directly or indirectly with ISC2, the SANS Institute, ISACA, or other certification authority. The GCFW, CISSP, SSCP, ISSEP, ISSMP, CISA, and CISM are all the property of their respecful owners. The content of this site is provided to you freely due to the generosity of our sponsors.


  • Career
  • Magazines
  • Conferences
  • Study Books
  • Certifications
  • Training
  • Tutorials
  • Quizzes
  • Forums

    • Page Generation: 3.11 Seconds