From: "Robert Comer" 

> Remember codered? It crashed all the cisco 677 and 678 routers because
> even
> if you disabled the web interface the stupid things were still vulnerable,
> you had to change the port. Ok so the user is having a problem, his dsl
> keeps going down and because you provide dsl via half a dozen different
> phone companies who have each switched hardware brands half a dozen times
> you have absolutely no idea what his hardware is let alone if it's
> vulnerable or patched or what.

The ISP would know if that's happening so there's no problem detecting it,
and if these black box machines are like I imagine, there is absolutely no
possible way that something like code red could work on the users machine.
(or any other exploit that involves executing code arbitrarily)

>Ok so the user is having a problem, his dsl
> keeps going down and because you provide dsl via half a dozen different
> phone companies who have each switched hardware brands half a dozen times
> you have absolutely no idea what his hardware is let alone if it's
> vulnerable or patched or what.

You're thinking of what it's like today, I'm aiming for the future...

> So how do you replace it? You still have to have the customer read the tag
> to you .

Sales information, and yes, it'd probably take some kind of forced
registration to get support.

> yeah but IBM already knows it's their hardware or they wouldn't be getting
> the call..

It'll be no different for these black box machines. (the
manufacturer/support people will know exactly what they have if they have
one of their boxes.)

- Bob Comer



"Geo"  wrote in message
news:421ff4d1$1{at}w3.nls.net...
> "Robert Comer" 
wrote in message
> news:421f33ee{at}w3.nls.net...
>
>> In a perfect world, the computer, router, and line would all be black box
>> and you'd just replace the defective part.  You can't reach the router,
>> check the line, if the line's good, the router is bad -> replace. If the
>> router is alive, then the cable may be bad -> replace, (maybe redundant
>> cable?) still bad, computer is bad -> replace.
>
> Remember codered? It crashed all the cisco 677 and 678 routers because
> even
> if you disabled the web interface the stupid things were still vulnerable,
> you had to change the port. Ok so the user is having a problem, his dsl
> keeps going down and because you provide dsl via half a dozen different
> phone companies who have each switched hardware brands half a dozen times
> you have absolutely no idea what his hardware is let alone if it's
> vulnerable or patched or what.
>
> So how do you replace it? You still have to have the customer read the tag
> to you .
>
>> You've seen IBM CE maintenance manuals, haven't you. 
>
> yeah but IBM already knows it's their hardware or they wouldn't be getting
> the call..
>
> Geo.
>
>

--- BBBS/NT v4.01 Flag-5