[35091] in North American Network Operators' Group
Re: Warning: Cisco RW community backdoor.
daemon@ATHENA.MIT.EDU (Jared Mauch)
Mon Feb 26 22:02:17 2001
Date: Mon, 26 Feb 2001 21:48:12 -0500
From: Jared Mauch <jared@puck.Nether.net>
To: John Payne <john@sackheads.org>
Cc: Jared Mauch <jared@puck.Nether.net>,
Simon Lyall <simon.lyall@ihug.co.nz>, nanog@merit.edu
Message-ID: <20010226214812.C16411@puck.nether.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20010226184340.S12817@haybaler.sackheads.org>; from john@sackheads.org on Mon, Feb 26, 2001 at 06:43:40PM -0800
Errors-To: owner-nanog-outgoing@merit.edu
I was told by Cisco it should be RW. (To override the builtin
one).
I never ran a test w/ RO so was speaking from that
data.
If you get some message about the "community/party" exists
or something like that, put this in:
no snmp-server view *ilmi
It doesn't get saved in the config, so if you machine generate
your nvram:startup-config, you're ok, if you do not, you will
need to re-add it each time you reboot.
- Jared
On Mon, Feb 26, 2001 at 06:43:40PM -0800, John Payne wrote:
> On Mon, Feb 26, 2001 at 09:06:51PM -0500, Jared Mauch wrote:
> >
> > 1) Workaround provided by James is incorrect. You need RW not
> > RO.
>
> No, you only need to specify RO... at least according to the tests I've
> just run. As I understand it you're overriding a built in community.
>
>
> --
> John Payne http://www.sackheads.org/jpayne/ john@sackheads.org
> http://www.sackheads.org/uce/ Fax: +44 870 0547954
> To send me mail, use the address in the From: header
--
Jared Mauch | pgp key available via finger from jared@puck.nether.net
clue++; | http://puck.nether.net/~jared/ My statements are only mine.
