Home page logo

basics logo Security Basics mailing list archives

RE: Locking Cisco Router
From: "Dozal, Tim" <tdozal () cisco com>
Date: Wed, 20 Nov 2002 13:40:23 -0800

After asking a few other engineers who work more on our routers I'm
almost positive there is NO WAY to disable password recovery for
somebody who has physical access and local console access to a cisco


-----Original Message-----
From: DeGennaro, Gregory [mailto:Gregory_DeGennaro () csaa com] 
Sent: Monday, November 18, 2002 4:15 PM
To: 'matt'; ziggy () one2net co ug; security-basics () securityfocus com
Subject: RE: Locking Cisco Router 


I may be wrong on this because I have not heard nor research it at
Cisco. From what I know, it is not possible to totally lock a router
down without password recovery (ctrl-break)unless you implement physical
security. However, remember that no can password recover over the
Internet but need direct access to the router.  Why would you want to
stop it because if you do and you forget your password or whatever, it
may be more frustrating and costly than implementing physical security.

I did a "quick" search and nothing for routers.


-----Original Message-----
From: matt [mailto:tool8185 () adelphia net]
Sent: Sunday, November 17, 2002 7:34 AM
To: ziggy () one2net co ug; security-basics () securityfocus com
Subject: RE: Locking Cisco Router 

Why would you want to do that?  Is it company owned or privately owned?
If company owned, then if you quit or get fired, only you know the
password to the router itself else the next expert will have to
reconfigure the router changing the bits so that the password no longer
exists creating time... Now if privately owned, as long as the password
is never mentioned to anyone, there isn't any problems. And what version
are you with? 250*, higher? Lower? from where I can see, your answer is
no but I could be wrong...

-----Original Message-----
From: David Lubowa [mailto:ziggy () one2net co ug] 
Sent: Thursday, November 14, 2002 9:50 AM
To: security-basics () securityfocus com
Subject: Locking Cisco Router 

is it possible to lock a cisco router to a point that even a password
recovery cant work to enter the router.

David Ziggy Lubowa
Network Engineer
One2net (U)
web: www.one2net.co.ug
Tel: +256 41 345466

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]