[11254] in bugtraq
Re: Cisco 675 password nonsense
daemon@ATHENA.MIT.EDU (Brian Elfert)
Thu Aug 5 01:37:02 1999
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.GSO.3.96.990803102140.25468E-100000@citycenter>
Date: Tue, 3 Aug 1999 10:28:48 -0500
Reply-To: Brian Elfert <brian@CITILINK.COM>
From: Brian Elfert <brian@CITILINK.COM>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.BSO.4.10.9907311608380.15996-100000@daddy.slack.net>
On Sat, 31 Jul 1999, DeMoNx wrote:
> switching all non-business/special adsl accounts over to using PPP rather
> than bridging mode for 'security reasons', I got a little suspicious. With
With good reason. In bridging mode with a Windows 9x/NT box, your network
neighborhood will show everyone else's PC that has any file/print sharing
enabled. So, it's trivially easy to connect to a non-passworded share.
Now, ideally, all these shares would be passworded, but we know that'll
never happen. Not having the shares show up in network neighborhood is a
bit of security by obscurity, but it's harder to connect to a share if
it's not in your network neighborhood.
> them. The problem is, *most* of these guys don't set passwords on the
> 675's. It is very simple to compromise an unpassworded 675. simply hit
> 'enter' at the password prompt after telnetting in, if you get a cbos>
> promt you are half way there, NOT GOOD. If there is no exec mode password
> set, then there most likely won't be an enable(superuser) mode password
Cisco has recognized this as a problem. This is fixed in 2.1.0a or in
2.2.0 (2.2.0 out shortly). The 675 will react like classic IOS and not
allow telnet if a exec password is not set.
BTW, in US West land at least, 90 to 95% of all installs are self install
where a tech never visits the customer.
Brian
