This really isn't a m*dilemma so much as it is a
question of due diligence of sysadmins...
Not too long ago, I received word via the 'groups that a particular
IP address yielded interesting information when telnetted to.
I tried it...and found it to be an unpassworded switch. I immediately
contacted the contact I got from a whois lookup and it was
Recently, within the past several weeks, I have received information
regarding two more switches...different IPs from the first. Not only
are they open to telnet (no password), but the Java management
interface to the switches is really cool!! In fact, someone could shut
down the switch by clicking their mouse twice!
I have tried to contact everyone I have found via whois, etc. I have
calling. I got the IPs from a skript kiddie at the school...I am afraid
they will post the IPs on the Internet. I have yet to get a response to
of my queries, and the switches haven't been 'fixed'.
Now, the question to pose is this: I could alter the sysContact and
to hold a little message, and then shut the switches down myself. But
technically, that's a crime. Or I could just walk away and leave these
at the mercy of the skript kiddies. I'm not asking for you to
still trying to get in touch with someone...