| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: karmic_nirvana at yahoo.com (nirvana) Subject: Network Security in India Yes, it's pretty ironic that although India is emerging fast as a global provider of Managed Security Services, however there is still lot of work to be done in the domestic security scene. The situation is pretty bad in Government, ISPs and other miscellany. However ITES and BPO are now better aware. Thanks to NASSCOM-ITAA stress on security and data regulations. As regarding the second question. There are, in fact, many active Indian security mailing lists. Their membership is surprisingly large and has security enthusiasts from many countries (and lot of people from Full-Disclosure) and the quality of discussion is pleasing. You can subscribe to Ring-Of-Fire (Yahoo group), pentest (www.oissg.org) and Security_Auditors (Yahoo group). -Pukhraj Singh "Gautam R. Singh" <gautam.singh@...il.com> wrote:Hi, I am sure there would have been many lapses in security. And one such trend I see here is a number of small "cable" internet providers that have sprung up in my area (Delhi, NCR). All of them use RF links etc from ISP like Bharti, Primus etc and provide internet thru ethernet on a Cat5 cable. And now imagine the possibilities. :) Users of such systems are on LAN, plagued by worms, DoS, privacy issues, sniffing passwords, monitoring what sites other peepz are visiting etc etc. //is there any security list specific for India where we can just "discuss" & learn new things Regards, Gautam --__--__-- Message: 14 Date: Wed, 24 Nov 2004 03:03:00 +0530 From: john morris Reply-To: john morris To: full-disclosure@...ts.netsys.com Subject: [Full-Disclosure] Network Security in India I had a brief stint Primus Telecom in delhi ( www.primus-direct.com). It has a flat network with absolutely no security. The routers as as vulnerable to any known exploit and the same applies to a few web servers they host. The basics such as patch management is never taken care of. This mail doesnot intend to harm any one but i want to know is this the way major ISP around the globe function. The company functions on illegal frequencies (Primus's major customers connect through RF links). I have the proofs to show that they do function on frequencies not allocated to them and during routine check ups by the DoT ( Department of Telecommunications Govt. of India) They have to change the frequency for a while and do favors to the Govt. Employees to keep the business going. Well this is not my concern but somehow this seems unhealthy. Is this a practise worldwide. During my interview with a company major i insisted on my security conern but the company was least bothered. Would someone tell me is this the way the whole industry functions. Inspite of reminders to the company that any lamer has the potential to run them out of business by bringing their whole network down within a few min( which includes the ETBwmgr , the netcache box or even the main router(7500 series with a backup)) has been given a deaf ear. Is this the way a ISP with important clients in the pvt and the govt key sectors functions. I personally doubt the future. Is Primus listening. Its time to wake up. -- (FROM LINKS TO LINKS WE ARE ALL LINKED) cheersssss..... morris -- Gautam R. Singh [mcp, ccna, cspfa, unemployed] t: +91 9848 525 074 | pgp: http://gautam.techwhack.com/key/ | ymsgr: er-333 | msn: ro0_@...mail _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html --------------------------------- Do you Yahoo!? Yahoo! Mail - You care about security. So do we. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20041124/a295e2c5/attachment.html
Powered by blists - more mailing lists