[4203] in bugtraq
Re: Cisco 2509/2511
daemon@ATHENA.MIT.EDU (Dan Brown)
Mon Mar 24 17:41:01 1997
Date: Mon, 24 Mar 1997 15:54:09 -0500
Reply-To: Dan Brown <dbrown@CSS.GOV>
From: Dan Brown <dbrown@CSS.GOV>
X-To: appie@castel.net
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.SOL.3.95.970324180320.830C-100000@mailhost.castel.nl> from
"Albert Siersema" at Mar 24, 97 06:06:18 pm
>
>This is an old one, but I keep seeing comfigurations (also posted to
>UseNet) where people forget to do a:
>
>transport input none
>
>on their 'line 1 16' (or whatever) config.
>If you use the default values ('telnet' I think) and you have no filters
>(stupid idea too) on your Cisco then someone is able to use ports 2001 and
>up to connect to one of the devices attached to it. If this is a modem
>that same person can type any AT command he/she wants. Go figure..
You can also password protect each interface or a range of interfaces
using either a single password, or tacacs, or radius, or...
--
Dan Brown
dbrown@seismo.css.gov
