mailing list archives
RE: Locking Cisco Router
From: "Christian Freas" <ChrisF () fairbankscapital com>
Date: Fri, 22 Nov 2002 16:57:05 -0500
This is a common issue and Cisco routers are no different than anything
else. If you have physical access you own the box.
Whether you have the skill to reset the password is a separate issue,
but all of the info necessary to do it is on the Cisco website. They
have a published password recovery plan. You need a console, and access
to the box. Short of epoxying the console port closed, there is no way
to prevent this.
From: Chris Berry [mailto:compjma () hotmail com]
Sent: Wednesday, November 20, 2002 4:10 PM
To: security-basics () securityfocus com
Subject: RE: Locking Cisco Router
From: "Vik Evans" <vik () packeteye com>
Or there is always the over-worked, in house IT person who ends up
forgetting the password for what ever reason - what does he do now?
Being overworked is understandable, failing to keep an encrypted copy of
your passwords in case you forget is not, fire him. (Take a look at
PasswordSafe from www.counterpane.com 448bit blowfish encrypted storage)
However if this item is like most hardware I've worked with, there will
reset jumper or backup battery you can mess with inside the case that
clear all of the memory.
compjma () hotmail com
"And here in our server room you can see our Beowolf Cluster of C64's
keeps our enterprise on the very cutting edge of technology."
STOP MORE SPAM with the new MSN 8 and get 2 months FREE*