Penetration Testing mailing list archives

RE: Open tcp port 2005 on cisco router
From: deniz () edizayn com tr (Deniz CEVIK)
Date: Wed, 7 Jan 2004 09:44:55 +0200

Yes, I can connect but I couldn't receive or send any data. I don't know the
model of cisco router but this information also gives us some hints about
the model. It should be cisco 2511. As far as I know, in order to get
terminal screen we should telnet to loopback address that has been defined
for this purpose in the router. What I wonder is can we still get terminal
screen when I connect to port 2005 of router's IP from Internet (out of the
router)?

BR

-----Original Message-----
From: jamesworld () intelligencia com [mailto:jamesworld () intelligencia com]
Sent: Tuesday, January 06, 2004 9:56 PM
To: Deniz CEVIK
Cc: pen-test () securityfocus com
Subject: Re: Open tcp port 2005 on cisco router

On a misconfigured router, yes.  Can you connect?
The command that enables this in the line configuration is:
telnet access-server 2005

They need an access-list applied to the router line interface(s) to only
allow that from specific (NEEDED) IPs

Good job!  You found what you are supposed to!

-J

At 10:34 01/06/2004, Deniz CEVIK wrote:

        Hi All,

        While I am scanning one of our customer's border router, I have
seen that TCP port 2005 is open and reachable from Internet. As far as I
know, this port is being used for async. connection to other devices in this
router. Is that normal to see this port as open from Internet?

        BR
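
Added example, not part of the original thread: the line-level restriction suggested above, written as Cisco IOS configuration. IOS maps reverse Telnet to TCP 2000 plus the line number, so port 2005 is async line 5. The line range 1-16 assumes the 2511 guessed at in the thread, and ACL number 10 and the address 192.0.2.10 are constructed placeholders.

```cisco
! Constructed example; ACL number and management address are placeholders.
!
! Before: async lines accept reverse Telnet from any source address,
! so TCP 2001-2016 answer connections from the Internet.
line 1 16
 transport input telnet
!
! After: only the management host may open a reverse Telnet session.
access-list 10 permit 192.0.2.10
access-list 10 deny any log
!
line 1 16
 access-class 10 in
 transport input telnet
!
! If reverse Telnet is not needed at all, close the lines instead:
! line 1 16
!  transport input none
```

After applying it, `show line` and `show access-lists 10` confirm the binding and show hit counts for denied attempts.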

