Anyone notice pages on the 172.16.0.x range?

ghoti

Karmic Sangoma
Joined
Jan 17, 2005
Messages
45,155
#22
Yeah it's one of Rain's switches. I saw something like this before. Aeonova 360 fibre. Some of their switches weren't configured properly and I was able to view them like what OP is experiencing. You won't be able to login anyways because they probably not using default passwords and brute forcing would probably kick or ban your IP anyways. Just a techie not setting the firewall properly.
I dont think many people would try brute force a switch like that, I would check for out dated exploitable firmware. Either or, end users on the network should not be able to see that, or the IP cam. Perhaps the OP should drop them an email and let them know their network has security problems.

This is also not just techie failure, but technical management failure, that should have been checked. They should be working through checklists with this kinda tech. This isnt hard to fix, but hopefully whomever runs their systems will create checks and balances to ensure security is taken seriously.
 
Last edited:

Speedster

Executive Member
Joined
May 2, 2006
Messages
6,535
#29
This is crazy - I can access that same camera. Someone at rain really messed up.

EDIT: I've found three cameras on that range - they all seem to be located at the same data centre.

EDIT AGAIN: Would it be very naughty to change their passwords for them?
 
Last edited:
Joined
Jan 12, 2019
Messages
10
#32
guess it's worth mentioning that the pages for the switch and cameras are not accessible when there is no on peak data and the rain.co.za/offline page shows. the address redirect to the "you're offline" page.

its maybe obvious but idk much about networking yet still learning
 

Sweevo

Honorary Master
Joined
Jul 18, 2008
Messages
34,304
#34
guess it's worth mentioning that the pages for the switch and cameras are not accessible when there is no on peak data and the rain.co.za/offline page shows. the address redirect to the "you're offline" page.

its maybe obvious but idk much about networking yet still learning
Interesting. Next time I go oob on Telkom I’m so doing a full scan lol.
 

Sweevo

Honorary Master
Joined
Jul 18, 2008
Messages
34,304
#35
This is crazy - I can access that same camera. Someone at rain really messed up.

EDIT: I've found three cameras on that range - they all seem to be located at the same data centre.

EDIT AGAIN: Would it be very naughty to change their passwords for them?
What I do in these situations is find a printer on the LAN and print 9999 pages with “I will secure my network” - white text on black background.
 
Joined
Dec 26, 2013
Messages
748
#37
They could also be honeypots (unlikely), so theres that, but drop them an email and let them know they should fix it.
These are not honey pots, this is a mistake. If you are directly on the MFN fibre with them as the ISP not external, you can also access their Mikrotik Routers with the way they set them up. Played around on that a year or so ago.
 

Sweevo

Honorary Master
Joined
Jul 18, 2008
Messages
34,304
#38
These are not honey pots, this is a mistake. If you are directly on the MFN fibre with them as the ISP not external, you can also access their Mikrotik Routers with the way they set them up. Played around on that a year or so ago.
A year down the line and their equipment is still visible to clients? Does nobody at least want to tell them?
 
Joined
Dec 26, 2013
Messages
748
#39
A year down the line and their equipment is still visible to clients? Does nobody at least want to tell them?
Im with cool ideas at the moment, once i changed the ISP part i went off it. i did once tell someone but he was all big d!ck and didnt understand really what it meant.
 
Top