Messing around with a Pipeline 75, I noticed that I could keep open the password prompt past the normal time limit by sending one character every second. This resets the timer to 0 and keeps the telnet session to the router from being closed. I opened up a second telnet to the router and did this again. Ascend Pipeline routers only allow 2 telnet sessions; at this point any future attempts get rejected. I was able to keep these connections for hours by sending data to both password prompts, which would keep anyone from configuring this router.

I wrote Ascend explaining what I had done and asking them to consider putting a time limit on the amount of time it takes to enter a password. This is the response I got back...

-Start-
Date: Tue, 26 May 1998 14:19:30 -0700
From: support <supportat_private>
To: ericat_private
Subject: RE: Ticket #238563

Eric:

The pipeline has no way of telling what is a legit telnet and what is not and because the box is meant to be accessed this way (both locally and remotely), a firewall is the best way to restrict telnet access.

--
Ascend Communications, Inc
Service & Support
supportat_private
http://www.ascend.com/service
-Cut-

I really like Ascend, but this is a lame way of not having to put a 45 second limit on typing in a password when connecting to a router via telnet.

What can this do??

Someone can effectively keep a Pipeline router from being configured by opening 2 telnet sessions to the router and sending data every second. The only way to stop this is to reboot the router and telnet in before another telnet session is opened by the attacker.

Ways to fix the problem:

1. Filter all incoming telnet traffic to the router from the internet
2. Turn off telnet access and use the console port
3. Don't configure your router

Eric Thacker
System Administrator
Caffrey/Digilink Networks
ericat_private
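
The overall limit on password entry that the post asks for, sketched as an added example (not Ascend's code and not part of the original post). The function name, the idle timeout and the length cap are assumptions; only the 45-second figure comes from the post.

```python
import select
import socket
import time

IDLE_TIMEOUT = 10.0    # assumed: longest allowed silence between bytes
TOTAL_TIMEOUT = 45.0   # overall limit on password entry proposed in the post
MAX_LEN = 64           # assumed cap on password length


def read_password(conn, idle_timeout=IDLE_TIMEOUT,
                  total_timeout=TOTAL_TIMEOUT, max_len=MAX_LEN):
    """Read one line from conn; return it as bytes, or None if the prompt expires.

    The idle timer restarts on every byte, so by itself it lets a peer that
    keeps sending data hold the prompt (and its session slot) indefinitely.
    The absolute deadline is fixed when the prompt opens and is never
    extended by incoming data, so the slot is always released on time.
    """
    deadline = time.monotonic() + total_timeout
    buf = bytearray()
    while len(buf) < max_len:
        remaining = deadline - time.monotonic()
        if remaining <= 0:
            return None                  # absolute limit reached
        # Wait for the next byte, but never past the absolute deadline.
        ready, _, _ = select.select([conn], [], [],
                                    min(idle_timeout, remaining))
        if not ready:
            return None                  # idle limit or deadline hit
        chunk = conn.recv(1)
        if not chunk:
            return None                  # peer closed the connection
        if chunk in (b"\r", b"\n"):
            return bytes(buf)            # end of line: password complete
        buf += chunk
    return None                          # over-long input, drop the session


if __name__ == "__main__":
    # Constructed demo: a local socket pair stands in for the telnet session.
    client, server = socket.socketpair()
    client.sendall(b"example-password\r\n")
    print(read_password(server, idle_timeout=1.0, total_timeout=2.0))
```

The caller closes the connection whenever `None` comes back, which frees the session slot regardless of how much data the peer sent.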