[4206] in bugtraq
Re: Cisco 2509/2511
daemon@ATHENA.MIT.EDU (Erdinc KAYA)
Mon Mar 24 20:19:32 1997
Date: Tue, 25 Mar 1997 00:43:16 +0200
Reply-To: Erdinc KAYA <erdi@RAKSNET.COM.TR>
From: Erdinc KAYA <erdi@RAKSNET.COM.TR>
X-To: Dan Brown <dbrown@CSS.GOV>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <199703242054.PAA11717@zydeco.CSS.GOV>
first enter conf terminal mode and then in line 1 16 enter
"modem ri-is-cd" command.. it makes a protection to the port 2001-2-3-4
(modem attached ports) and when you telnet to these ports the connection
will be closed (refusing).. Sincerely.
Erdinc Kaya
Specialist
Erdinc.Kaya@raksnet.com.tr
On Mon, 24 Mar 1997, Dan Brown wrote:
> >
> >This is an old one, but I keep seeing comfigurations (also posted to
> >UseNet) where people forget to do a:
> >
> >transport input none
> >
> >on their 'line 1 16' (or whatever) config.
> >If you use the default values ('telnet' I think) and you have no filters
> >(stupid idea too) on your Cisco then someone is able to use ports 2001 and
> >up to connect to one of the devices attached to it. If this is a modem
> >that same person can type any AT command he/she wants. Go figure..
>
>
> You can also password protect each interface or a range of interfaces
> using either a single password, or tacacs, or radius, or...
>
>
>
> --
> Dan Brown
> dbrown@seismo.css.gov
>
