Home page logo
/

nanog logo nanog mailing list archives

Re: Cisco, haven't we learned anything? (technician reset)
From: Martin Hannigan <hannigan () world std com>
Date: Thu, 12 Jan 2006 15:06:06 -0500 (EST)




On Thu, Jan 12, 2006 at 10:53:32AM -0600, Rob Thomas wrote:

Hi, Matthew.

] Cisco Router and Security Device Manager (SDM) is installed on this device.
] This feature requires the one-time use of the username "cisco"
] with the password "cisco".

Interesting.  Is it limited to one-time use?  Are the network login
services (SSH, telnet, et al.) prevented from using this login and
password?

      I know the AP350 comes with a default Cisco/Cisco account..

      (as opposed to doing a nvram/config clear and
it only lets you login on console).

      problem is with cisco each product group controls how
they ship their system, so the Aironet teams don't quite seem
to get this IMHO.  That doesn't mean your 76k/GSR/CRS-1 will have
Cisco/Cisco, but your aironet products sure may.


No, but it means that there is no centralized standard on how to 
implement authentication which is troubling. That means that your
GSR _could_ come with such a "feature".



-M<

      - jared


-- 
Jared Mauch  | pgp key available via finger from jared () puck nether net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault