- is my network secure?
- Posted by Fred on November 27th, 2005
My network is set up as below;
Could anyone advise as to whether there is anything else I could do to
enhance security?
Bexhill Road 217.204.190.13 - Easynet. ADSL Username is
sussexturnery@easydsl.net, Password tungau87 Tel 0800 053 4343
Churchfields 81.174.162.232 - Plusnet. ADSL Username is
stamco@plus.net password orange. Contact via www.plus.net
<http://www.plus.net/>
Hove 80.229.37.79 - Plusnet. ADSL Username is
stamcohove@plusdsl.net password orange. Contact via www.plus.net
<http://www.plus.net/>
External POP3 (email) server mail.demon.net username
stamco password rtrv4GL
FTP Addresses (Web-sites) ukupload.demon.net username stamco
password rtrv4GL (Main stamco.co.uk site)
ftp.plus.net
<ftp://ftp.plus.net/> username stamco password orange
(stamcoshop.co.uk site)
Internal routers;
Bexhill Road 192.168.1.248 Telnet/SSH;
Username kcceng password kcc123
Bexhill Road ADSL 192.168.254.254 Internet Explorer;
Direct connection
Churchfields 192.168.2.248 Telnet/SSH;
Username kcceng password kcc123
Churchfields ADSL 192.168.2.247 Internet Explorer;
blank username password orange
Hove 192.168.3.248 Telnet/SSH; Username
kcceng password kcc123
Hove ADSL 192.168.2.247 Internet Explorer;
blank username password orange
Servers;
STAMCO_ONE administrator
orange
STAMCO_TS1 administrator
orange
Email/Intranet (192.168.1.1) admin
orange (connect either via telnet or http://192.168.1.1:10000
<http://192.168.1.1:10000/> ) - This also controls DHCP
Phone Stats database (192.168.1.244) root
orange (connect via telnet or http://192.168.1.244:10000
<http://192.168.1.244:10000/> ) - Also has redundant DHCP server
K8 (192.168.1.249) kccs
5t4mc0123 or root sta0098
KPRINT kccs
kcc123
- Posted by jKILLSPAM.schipper@math.uu.nl on November 27th, 2005
Fred <Fred.Thomas@stamco.com> wrote:
What kind of joke is this? Someone trying to take out one of their
enemies?
Joachim
- Posted by Christian Fuß on November 27th, 2005
The Accounts are all real.... holy shit...
are you high? omfg!
--
MFG
Christian Fuß, replica-solutions.de
( Linux, Poetry, Community 4 everyone, International German/English )
- Posted by martin on November 27th, 2005
Christian Fuß wrote:
the web site is still up and looks untouched. Was the FTP address u/n
p/w valis as well? I can't look from the UK because of the computer
misuse act lol. It's a business site!
lol My bet is a manager who was just fired
- Posted by martin on November 27th, 2005
Jim Watt wrote:
I'm not going to even attempt to try the uid's, I AM going to be on the
phone to them at 7:30 tomorrow when they open shop, might get a new
client out of them 
I'm in Sussex, so they're almost local. I'll post back
- Posted by Roy Penfold on November 28th, 2005
Thanks for the attention on this guys,
Our tripwire system picked up an intrusion attempt onto our main server and
alerted me at 02:00 this morning.
It loooks as though someone found a way into our network and discovered an
email to our new network admin giving passwords etc.
I have changed all passwords and am in the processof changing usernames/IP
addressess.
Log files are being sent to Sussex Police. As a result of this, I would
recommend not attempting to connect on any of the IPs listed.
Many thanks for you attention on this guys.
Roy Penfold
IT Manager
STAMCO Timber
"Jim Watt" <jimwatt@aol.no_way> wrote in message
news:1hkko1tluf6sadkrhrnbpglahn627f0lnd@4ax.com...
- Posted by martin on November 28th, 2005
Roy Penfold wrote:
doh!
- Posted by Donnie on November 28th, 2005
New admin? What happened to the old admin?
donnie.
