Slashdot Mirror

← Back to Stories (view on slashdot.org)

Deutsche Telekom Says 900,000 Fixed-Line Customers Suffer Outages (reuters.com)

Posted by ryuzaki0 on from the network-outages dept.

About 900,000 Deutsche Telekom fixed-line customers have been hit by network outages, the carries said on Monday, and it could not rule out "targeted external factors" as the reason. From a Reuters report: Fixed-line customers have had problems connecting to Deutsche Telekom's network since Sunday afternoon, the company said. "Based on the pattern of errors, it can not be ruled out that the router has been targeted externally, with the result that it can no longer log on to the network," Deutsche Telekom, which has 20 million fixed-line customers, said in a statement on it website.

13 of 27 comments (clear)

  1. "The Russians" again? by xxxJonBoyxxx · · Score: 1

    >> it could not rule out "targeted external factors"

    I had no idea Hillary was working for Deutsche Telekom now. Happy to see her land on her feet!

    More likely, it was a terrorist squirrel (http://cybersquirrel1.com/).

  2. The horror by 110010001000 · · Score: 2

    What will the Germans do without their daily dose of spam calls from India?

  3. TR-069 targeted by Maavin · · Score: 1

    As their first working fix was blocking Port 7547, one can safely assume that the TR-069 implementation of specific router models were targeted. 3rd party routers are/were completely unaffected.

    --


    Crivens! I kicked meself in me own heid!
    1. Re:TR-069 targeted by Shatrat · · Score: 2

      As someone who has worked with TR-069 from the carrier/vendor side, that doesn't surprise me at all. There are some provisions for security in the TR-069 protocol, but they're not taken as seriously or implemented as rigorously as they should be. I think this is inevitable when it's done over a public interface. A better solution is to give the router two WAN interfaces on two different VLANs, one public for Internet service and one private for SNMP, TR-069, et cetera.

      --
      09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
    2. Re:TR-069 targeted by I4ko · · Score: 1

      It is interesting that you point this out. I've been seeing port scans for TR-069 for the past 4 days. I've since added the port to a rule that will permanently ban an IP if they try to connect on that port.

  4. I experienced this first hand by itsme1234 · · Score: 1

    I helped a friend install a new computer and then after all was fine he started to lose the telephony (which looks for the customer like PSTN but is voip over Telekom's router), the DNS (which was by default served from the same router) and ultimately all internet connectivity. After reboot it would work again for 10-20 minutes then start to lose it gradually. I guess it could be some kind of DoS.

    It took us quite a while to actually google and find there's a big outage going on. All the while the friend insisted it's the new computer's fault (even after we disconnected it), no there are no such coincidences...

    I didn't have any issue even if I'm in the same area (and with Telekom) but of course I'm not using their PoS router.

  5. It's a TR-069 exploit in Deutsche Telekom routers by Anonymous Coward · · Score: 2, Informative

    and possibly other routers. There's a thorough article about the issue. Apparently the handler for a SOAP request doesn't sanitize untrusted input and executes backticked shell code.

  6. SOAP Vulnerability added to Mirai by UnderAttack · · Score: 2

    see https://isc.sans.edu/forums/di...

    looks like a new SOAP vulnerability was added to Mirai. Here come a few million more mirai bots.

    --
    ---- join dshield.org Distributed Intrusion Detec
  7. Only their DNS was down by aepervius · · Score: 1

    For the average customer it means no internet. Me I simply replaced the dns by 8.8.8.8 and 8.8.4.4 temporarily (I'll go back to their dns afterward).

    --
    C. Sagan : A demon haunted world:
    http://www.amazon.com/gp/product/0345409469/
    visit randi.org
  8. interresting very informative by aepervius · · Score: 1

    I was not aware of the product warning (well I did not leave it as default password, and i have one very long complicated alphanumeric one so i guess i am safer). Still the firmware update solved my problem... or was it unrelated and happenned at the same instant ? No idea but now it works. Thanks for the tip.

    --
    C. Sagan : A demon haunted world:
    http://www.amazon.com/gp/product/0345409469/
    visit randi.org
  9. Poorly written by Clsid · · Score: 1

    I think they should actually state where did the outages happen. One can guess it is somewhere in Germany, but geez...

    And before the whole "the Russians are coming" starts on this topic, here is an interesting link

    http://www.spiegel.de/internat...

    1. Re:Poorly written by rtb61 · · Score: 1

      So it would seem the NSA's excuse of choice is to be a toddler, we didn't do it, Russia did (it has been pretty noticeable for a while). So much so, they have to intersperse it with, we didn't do it, China did. When ever they are asked to prove their claim in court the always claim national security (they can not prove how Russia and China did it with out proving how they did it to Russia and China and that Russia and China are just retaliating). How about a treaty to stop doing, nope, nuh uh, they don't want that, pervy little bastards still want to feed their ego and sense of power and control over everyone else by getting and hoarding everyone's secrets. Little rat bags never grew out of their childish behaviour, we all knew and disliked them for it when they were young and oh look, they are still hard at it, tugging away at their own bits, getting all hot and bothered spying on everyone else (I bet if they had showers in NSA buildings the floors would be sticky, eww).

      --
      Chaos - everything, everywhere, everywhen
  10. detailed analysis by ahaubold · · Score: 1

    by Ralf-Philipp Weinmann: https://comsecuris.com/blog/po... just so you know ;)

    --
    Nope, I think you mistook me for someone else.