[plug] dodgy PixelNet/NetGateway product
Niall Young
niall at linuxsolutions.net.au
Fri Oct 6 15:58:21 WST 2000
Has anyone heard/encountered PixelNet's NetGateway product?
I just came across one this week - it's basically a hacked RedHat
gateway/firewall/mail/whatever server but the client retains almost no
control over its operation.
It was completely insecure - around 20 (absolutely unnecessary) ports open,
known exploits found for half a dozen of these, seemed to be in an old state
of maintenance package wise with a web interface to control a minimal subset
of services. I was pretty shocked.
But it gets worse - the client was never supplied the root password, not
even the reseller was given this, and maintenance seems only possible through
PixelNet on a yearly subscription basis. The client now has virtually no
control of their own hardware, have a gaping hole in their network's security
and are at the mercy of the product's creator.
Is it just me or does this care the hell out of you?
This isn't a plug for my own services, but I provide a similar product and
give the client full control over *their* machine - they're welcome to use me
for ongoing maintenance and advice, or another consultant if they prefer. The
consumer should always retain full control and choice. Has anyone seen
anything dodgy like this in the local Linux market?
--
Niall Young
Linux Solutions -- www.linuxsolutions.net.au
Providing Internet and Audio/Video Solutions and Consulting
PH: 0407 421 537 -- PO BOX 1117, Gwelup WA 6018 -- GPG ID: 8B3AE631
More information about the plug
mailing list