Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- (This Business is a Cult - like No Other:)
- Ebusinessbpo.com also known as Azspired
- Address: 15th Floor Cebu,
- I.T. Tower Cebu Business Park,
- Mindanao Ave, Cebu City,
- Cebu, Philippines 6000
- Phone:+1 866-583-2811
- Front End Business:
- Call Center BPO
- Customer Contact Center
- Host Services
- BPO Call Center & Consulting
- Real Estate Rentals & Sales
- 2 Resturants
- 4 Hotels
- Back End Businesses:
- Human Trafficking (US,UAE, Philippines, Korea, Japan, Thailand, etc.)
- Prostitution
- Bribery of Public Officials
- Extortion
- Drug Smuggling & Trafficking (Marijuana, Meth, Hashese)
- Blackmail
- Paligamy
- Bootlegging Alcohol
- Gun Running
- **********************************************************************************************
- Scott Johnson (American)
- President at Beachside Asia Limited.
- President EBUSINESS BPO -Cebu
- Region VII - Central Visayas, Philippines
- scott@ebusinessbpo.com
- Personal Cell Phone Number:
- +639173015061
- Mark Johnson American-(son of Scott)
- Vice President of Ebusiness BPO-Cebu
- mark@ebusinessbpo.com
- Personal Cell Phone Number:
- +639173109568
- Almira Absin Cebu- Fipina (wife of Scott Johnson)
- Chief Operating Officer at Ebusiness EBPO -Cebu
- almira@ebusinessbpo.com
- Personal Cell Phone Number:
- +639173083868
- YouTube
- https://www.youtube.com/watch?v=Vnn_Sc804rw
- **************************************************************************************************
- Network Notes:
- Cebu Network is directly connected to Los Angelas, California via 2 MPLS Links. The 2 MPLS Links are in Redundant
- Fail-over mode. Both Links are Connected to 2 Cisco ASA on the Cebu, Philippines side. The current Cisco ASA configs has vulnerability issues.
- The Cebu Network is only protected by the external Cisco ASA devices.
- The internal Network is sliced up in multiple flat space networks. (ie: 192.168.7.0/24 Network is all IT Equipment, 192.168.2.0 /24 is Call Center
- Production, 192.168.8.0 /24 is Credit Card Processing Center, 192.168.4.0/ 24 is Call Center Representatives)
- Cedit Card Processing is only protected by an open source "PFSense Firewall".
- All other flat space networks are only protected by kaspersky endpoint security 8.
- Nessus Scan Report
- Thu, 13 Aug 2015 18:10:45 GMT
- Ebuisness EBPO Cisco ASA IOS Vulnerability Issues:
- ASA # 1: 103.231.134.5
- ASA # 2: 103.231.134.10
- ASA Software Version 9.1(2)
- Object (7) - Crafted ICMP Packet Denial of Service Vulnerability CSCui77398
- Threat Level : EXTREME HIGH Current Workaround: None.
- SSLv3 Padding Oracle On Downgraded Legacy Encryption in Cisco ASA Software
- (cisco-sa-20141015-poodle) (POODLE)
- Symptom: The Cisco ASA (Adaptive Security Appliance) includes a version of OpenSSL.
- Conditions:The default SSL configuration on all ASA software trains enables SSLv3.
- (reference Cisco.com bugs)
- https://tools.cisco.com/bugsearch/bug/CSCur23709
- Cisco ASA TLS CBC Information Disclosure (CSCus08101)
- Symptom: Cisco ASA includes a version of TLS that is affected by the vulnerabilities.
- ALL Cisco ASA Software releases running on Cisco ASA 5500 and 5500-X Series are affected.
- Conditions: The Cisco ASA Software is affected by this vulnerability if a feature which use TLS is enabled.
- The exposure will be confined to that feature only.
- https://tools.cisco.com/bugsearch/bug/CSCus08101/?referring_site=bugquickviewredir
- Object (7) - Crafted ICMP Packet Denial of Service Vulnerability CSCui77398
- Note: should be changed to "echo" only to prevent a ping travel traversal completion and inspection across the ASA.
- "Raj is implementing a a fix via an ASA IOS upgrade to version 9.1
- Object (2) - (reference the ASA vunerability matrix below). Vunerablity:
- Remote Access VPN Authentication Bypass Vulnerability. Resolution:
- Currently Remote Access VPN currently denied for outside interfaces on active and standby ASA.
- ASA Software configured for LAN-to-LAN IPsec VPN is not affected
- Object (1) - Vulnerability: SQL*Net Inspection Engine Denial of Service Vulnerability.
- Resolution: Currently used only for internal LAN-ASDM connection.
- Object (3) - (reference the ASA vunerability matrix below). Vulnerability: Digital Certificate HTTP Authentication Bypass Vulnerability.
- Resolution: Per Cisco documentation, Digital certificate authentication is disabled by default for Cisco ASDM.
- Digital certificate authentication for Remote outsite interfaces is disabled on active and standby ASA.
- Object (4) - (reference the ASA vunerability matrix below). Vulnerability: HTTP Deep Packet Inspection Denial of Service Vulnerability. Resolution: HTTP
- Deep Packet Inspection (DPI) is currently disabled. Cisco ASA Software will not inspect DNS packets over TCP by default. DNS packet inspection not enabled.
- Object (5) - (reference the ASA vunerability matrix below).
- Vulnerability: AnyConnect SSL VPN Memory Exhaustion Denial of Service Vulnerability.
- Resolution: Webvpn currently not enabled on standby and active ASA.
- Object (6) - (reference the ASA vunerability matrix below). Vulnerability: SSL VPN Web Portal Denial of Service Vulnerability.
- Resolution: SSL VPN is disabled by default. SSL VPN is disabled on active and standby ASA.
- Cisco ASA HTTP Server Information Disclosure (CSCun78551)
- The attacker needs to have valid credentials, however any privilege level associated with that credential can cause the issue.
- For example privilege 0 or 1. Current Workaround: None.
- Known Fixed Software Releases: 9.2(1.100)
- https://tools.cisco.com/bugsearch/bug/CSCun78551/?referring_site=ss
- Cisco ASA Software SharePoint RAMFS Integrity and Lua Injection Vulnerabilities (CSCup54208 and CSCup54184)
- To exploit this vulnerability, an attacker must authenticate to the targeted device.
- This access requirement may reduce the likelihood of a successful exploit.
- Upgrade ASA to software version 9.3(2.6) - No other known patches or Fixes to date.
- https://tools.cisco.com/bugsearch/bug/CSCup54208/?referring_site=bugquickviewclick
- Cisco ASA SSL VPN Information Disclosure (CSCuq65542)
- A vulnerability in the SSL VPN code of Cisco ASA Software could allow an
- unauthenticated, remote attacker to obtain information about the Cisco
- ASA Software version. Disabled SSL VPN on the ASA system. Current Workaround:
- None. https://tools.cisco.com/bugsearch/bug/CSCuq65542/?referring_site=ss
- Cisco ASA SSL VPN Memory Blocks Exhaustion DoS (CSCuq68888)
- Symptoms: Crafted HTTP request may cause the 64K Blocks depletion.
- Conditions: webvpn needs to be enabled.
- https://tools.cisco.com/bugsearch/bug/CSCuq68888/?referring_site=ss
- SSH Server Type and Version Information
- Known Fixed Releases: None Workaround: There are no workarounds.
- Threat Level : Low
- Nessus SYN scanner
- ASA's currently configured for point to MPLS and Point to VPN operation (ie: Point to Point).
- Threat Level : HIGH Current Workaround: None.
- IPSEC Internet Key Exchange (IKE) Version 1 Detection
- (IKE-VPN) Configured only for one BGP Neighbor Only. Incoming Trafffic Filters are in effect.
- Threat Level : HIGH Current Workaround: None.
- Session Initiation Protocol Detection
- Incoming Trafffic Filters are in effect. Used only by trusted point to point sources. Threat
- Level : HIGH Current Workaround: None.
- IPSEC Internet Key Exchange (IKE) Version 2 Detection
- (IKE-VPN) Configured only for one BGP Neighbor Only. Incoming Trafffic Filters are in effect.
- Level : HIGH Current Workaround: None.
- AS59366
- eBusinessBPO Inc.
- IP Addresses 256
- 103.231.134.0/24
- eBusinessBPO, Inc.
- aut-num: AS59366
- as-name: EBUSINESSBPOINC-AS-AP
- descr: eBusinessBPO Inc.
- country: PH
- admin-c: EIA3-AP
- tech-c: EIA3-AP
- mnt-by: MAINT-EBUSINESSBPOINC-PH
- mnt-irt: IRT-EBUSINESSBPOINC-PH
- mnt-routes: MAINT-EBUSINESSBPOINC-PH
- changed: it@ebusinessbpo.com 20140520
- source: APNIC
- mntner: MAINT-EBUSINESSBPOINC-PH
- descr: eBusinessBPO Inc.
- country: PH
- admin-c: EIA3-AP
- upd-to: it@ebusinessbpo.com
- mnt-by: MAINT-EBUSINESSBPOINC-PH
- referral-by: APNIC-HM
- changed: it@ebusinessbpo.com 20140513
- source: APNIC
- 103.231.134.0/24
- ASN
- AS59366
- eBusinessBPO Inc.
- ID: EBUSINESSBPOINC-PH
- Description: eBusinessBPO, Inc.
- Country Philippines
- Registry apnic
- IP Addresses in this block
- 103.231.134.1
- 103.231.134.2
- 103.231.134.3
- 103.231.134.4
- 103.231.134.5
- 103.231.134.6
- 103.231.134.7
- 103.231.134.8
- 103.231.134.9
- 103.231.134.10
- 103.231.134.11
- 103.231.134.12
- 103.231.134.13
- 103.231.134.14
- 103.231.134.15
- 103.231.134.16
- 103.231.134.17
- 103.231.134.18
- 103.231.134.19
- 103.231.134.20
- 103.231.134.21
- 103.231.134.22
- 103.231.134.23
- 103.231.134.24
- 103.231.134.25
- 103.231.134.26
- 103.231.134.27
- 103.231.134.28
- 103.231.134.29
- 103.231.134.30
- 103.231.134.31
- 103.231.134.32
- 103.231.134.33
- 103.231.134.34
- 103.231.134.35
- 103.231.134.36
- 103.231.134.37
- 103.231.134.38
- 103.231.134.39
- 103.231.134.40
- 103.231.134.41
- 103.231.134.42
- 103.231.134.43
- 103.231.134.44
- 103.231.134.45
- 103.231.134.46
- 103.231.134.47
- 103.231.134.48
- 103.231.134.49
- 103.231.134.50
- 103.231.134.51
- 103.231.134.52
- 103.231.134.53
- 103.231.134.54
- 103.231.134.55
- 103.231.134.56
- 103.231.134.57
- 103.231.134.58
- 103.231.134.59
- 103.231.134.60
- 103.231.134.61
- 103.231.134.62
- 103.231.134.63
- 103.231.134.64
- 103.231.134.65
- 103.231.134.66
- 103.231.134.67
- 103.231.134.68
- 103.231.134.69
- 103.231.134.70
- 103.231.134.71
- 103.231.134.72
- 103.231.134.73
- 103.231.134.74
- 103.231.134.75
- 103.231.134.76
- 103.231.134.77
- 103.231.134.78
- 103.231.134.79
- 103.231.134.80
- 103.231.134.81
- 103.231.134.82
- 103.231.134.83
- 103.231.134.84
- 103.231.134.85
- 103.231.134.86
- 103.231.134.87
- 103.231.134.88
- 103.231.134.89
- 103.231.134.90
- 103.231.134.91
- 103.231.134.92
- 103.231.134.93
- 103.231.134.94
- 103.231.134.95
- 103.231.134.96
- 103.231.134.97
- 103.231.134.98
- 103.231.134.99
- 103.231.134.100
- 103.231.134.101
- 103.231.134.102
- 103.231.134.103
- 103.231.134.104
- 103.231.134.105
- 103.231.134.106
- 103.231.134.107
- 103.231.134.108
- 103.231.134.109
- 103.231.134.110
- 103.231.134.111
- 103.231.134.112
- 103.231.134.113
- 103.231.134.114
- 103.231.134.115
- 103.231.134.116
- 103.231.134.117
- 103.231.134.118
- 103.231.134.119
- 103.231.134.120
- 103.231.134.121
- 103.231.134.122
- 103.231.134.123
- 103.231.134.124
- 103.231.134.125
- 103.231.134.126
- 103.231.134.127
- 103.231.134.128
- 103.231.134.129
- 103.231.134.130
- 103.231.134.131
- 103.231.134.132
- 103.231.134.133
- 103.231.134.134
- 103.231.134.135
- 103.231.134.136
- 103.231.134.137
- 103.231.134.138
- 103.231.134.139
- 103.231.134.140
- 103.231.134.141
- 103.231.134.142
- 103.231.134.143
- 103.231.134.144
- 103.231.134.145
- 103.231.134.146
- 103.231.134.147
- 103.231.134.148
- 103.231.134.149
- 103.231.134.150
- 103.231.134.151
- 103.231.134.152
- 103.231.134.153
- 103.231.134.154
- 103.231.134.155
- 103.231.134.156
- 103.231.134.157
- 103.231.134.158
- 103.231.134.159
- 103.231.134.160
- 103.231.134.161
- 103.231.134.162
- 103.231.134.163
- 103.231.134.164
- 103.231.134.165
- 103.231.134.166
- 103.231.134.167
- 103.231.134.168
- 103.231.134.169
- 103.231.134.170
- 103.231.134.171
- 103.231.134.172
- 103.231.134.173
- 103.231.134.174
- 103.231.134.175
- 103.231.134.176
- 103.231.134.177
- 103.231.134.178
- 103.231.134.179
- 103.231.134.180
- 103.231.134.181
- 103.231.134.182
- 103.231.134.183
- 103.231.134.184
- 103.231.134.185
- 103.231.134.186
- 103.231.134.187
- 103.231.134.188
- 103.231.134.189
- 103.231.134.190
- 103.231.134.191
- 103.231.134.192
- 103.231.134.193
- 103.231.134.194
- 103.231.134.195
- 103.231.134.196
- 103.231.134.197
- 103.231.134.198
- 103.231.134.199
- 103.231.134.200
- 103.231.134.201
- 103.231.134.202
- 103.231.134.203
- 103.231.134.204
- 103.231.134.205
- 103.231.134.206
- 103.231.134.207
- 103.231.134.208
- 103.231.134.209
- 103.231.134.210
- 103.231.134.211
- 103.231.134.212
- 103.231.134.213
- 103.231.134.214
- 103.231.134.215
- 103.231.134.216
- 103.231.134.217
- 103.231.134.218
- 103.231.134.219
- 103.231.134.220
- 103.231.134.221
- 103.231.134.222
- 103.231.134.223
- 103.231.134.224
- 103.231.134.225
- 103.231.134.226
- 103.231.134.227
- 103.231.134.228
- 103.231.134.229
- 103.231.134.230
- 103.231.134.231
- 103.231.134.232
- 103.231.134.233
- 103.231.134.234
- 103.231.134.235
- 103.231.134.236
- 103.231.134.237
- 103.231.134.238
- 103.231.134.239
- 103.231.134.240
- 103.231.134.241
- 103.231.134.242
- 103.231.134.243
- 103.231.134.244
- 103.231.134.245
- 103.231.134.246
- 103.231.134.247
- 103.231.134.248
- 103.231.134.249
- 103.231.134.250
- 103.231.134.251
- 103.231.134.252
- 103.231.134.253
- 103.231.134.254
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement