vendor: bay networks product: bay access node/wellfleet routers Ok, in this day and age it is becomming increasingly difficult for the low-level, system cracker, bottom feeders who frequent the net to gain access to larger corporate and government sites due to firewall implementation, so I'm posting this to help the administrators stay one step ahead. The problem with the bay boxes is that by default the two system accounts on the machine are not passworded. Now, usually the "Manager" account on the machine is passworded by the administrator, however, the "User" account is often left untouched. While the "User" account has restricted access, it can be a huge security hole, especially when these machines are used for the purposes of IP filtering (a firewall). Because the bay machines have snmp configuration capabilities, anyone knowing the snmp string for the machine or snmp community could edit routing tables and IP filtering rules with any snmp management software or the bay networks software they put out for solaris and just recently NT. All a proposed attacker would have to do is telnet to the router, login as "User", and issue a single command, "sho snmp community". Then adjust his or her snmp software to use that string and IP address, and b00m, sucks to be you. recommended fix: uhh..password "User" - Marty Rigaletto "On the bulletin boards nobody knew if you attended a special school." - d. freedman (from "At Large", in regards to Phantomd)
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:52:50 PDT