[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
On Thu, 26 Aug 93 21:17:16 -0600,
L. Detweiler <uunet!longs.lance.colostate.edu!ld231782> wrote -
> Date: Wed, 25 Aug 1993 12:56:54 -0700 (PDT)
> From: Al Whaley <[email protected]>
> Subject: Cisco routers
> Rumors abound that Cisco routers have a back door; that is when
> a TCP port is disabled, it can still be accessed from Cisco's
> IP number.
> I have personally verified this with the sendmail port.
> Al Whaley [email protected] +1-415 322-5411(Tel), -6481
> Sunnyside Computing, Inc., PO Box 60, Palo Alto, CA 94302
Sure, they have a backdoor -- it's called unsecured ports and
Cisco routers don't really have "TCP" ports, per se. They have
ethernet ports, or token ring ports, v.35 serial ports, and
dial-up rs-232 for fail-safe configuration when some idiot drops
your feed at the local rboc and you need to "look into" your net.
If the "entrance" passwords are enabled properly, then I feel quite
sure that this threat is minimal. However, I have learned recently
that some facets of SNMP encapsulation can exploit _management_ but
can not, however exploit the configuration of the router. It can add
to the traffic overhead.
Also, there is an additional "enable" password for configuration
modification, such as changing IP addresses of the ethernet or serial
interfaces (ports) and saving the configuration to NVRAM.
I had a guy adamantly try to convince me the other day that the
(Cisco) routers were in jeopardy because of the ability to TFTP
a new (albeit, damaging) operating system directly into NVRAM
(a sleight of hand), rendering the box useless. It can be done,
in fact, Cisco would have to ship me a whole new box overnight
if it happened, but if I mind my P's and Q's (read: adhere to
proper security), he's pissin' in the wind.
Paul Ferguson | "Government, even in its best state,
Network Integrator | is but a necessary evil; in its worst
Centreville, Virginia USA | state, an intolerable one."
[email protected] | - Thomas Paine, Common Sense
Type bits/keyID Date User ID
pub 1024/1CC04D 1993/03/15 Paul Ferguson <[email protected]>
Key fingerprint = EE D2 93 7D 04 6D C6 05 AC 36 AD 9D 8E 4F 41 58