Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

RE: previledge password in cisco routers
From: "Todd Towles" <toddtowles () brookshires com>
Date: Wed, 24 Nov 2004 13:25:28 -0600

Sorry but cisco can only be blamed for so much. If you allow telnet to
your router from the internet...then how is that Cisco's fault? Or even
if you allow SSH from the internet...network protection is the key.
Software will have holes and problems with be found. Only thru good
network design and layered security will you be protected.

Server are open to attack also if you allow FTP, SSH and TS from the
internet...what do you think will happen?

SNMP strings are like gold..and very few people understand they need to
change them and guard them as such...but again that isn't cisco's fault.
Should you use the web interface to connect your routers? Well no..there
are problem with it...learn the command line and therefore the problem
doesn't exist.

-----Original Message-----
From: Gary E. Miller [mailto:gem () rellim com] 
Sent: Wednesday, November 24, 2004 1:20 PM
To: Todd Towles
Cc: full-disclosure () lists netsys com
Subject: RE: [Full-disclosure] previledge password in cisco routers

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yo Todd!

On Wed, 24 Nov 2004, Todd Towles wrote:

Do you seriously think there is a easy way to get the 
enable password 
remotely?

Cisco has previously had bugs that allowed easy enable 
password recovery remotely using SNMP and the web management 
interface.  If it is an older unpatched router, showing one 
of these services to you, then a search of standard exploits 
will turn up what you need.

There was a particularly nasty telnet hack a while back.  
Even if you had an ACL on the port you were easily hacked.

If past performance is any indicator or future performance 
then there will again be a Cisco bug, or sloppy admin,  that 
allows this.

RGDS
GARY
- 
--------------------------------------------------------------
-------------
Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701
      gem () rellim com  Tel:+1(541)382-8588 Fax: +1(541)382-8676

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFBpN748KZibdeR3qURAh6DAJ4zZnYcMO0uhg6lfs83ScS3IpsVxgCgiVBK
9rIjcwwiaIDhHAK15G8x0wk=
=wREb
-----END PGP SIGNATURE-----



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]