> I searched the archives, with no luck finding anything about this.
>
> Recently a bunch of USR TotalSwitch (chassis which takes 5 cards, 10 / 100 /
> fddi / whatever, and a network management card) units went up for auction,
> and I know a lot of people purchased them, hence my concern.
>
> The switch is manageable via snmp, telnet or a console port. Using the
> management features, you can disable / enable certain ports, configure IP
> routes and such. The management software allows you to set a password to
> access the switch (either by telnet or the console).
>
> Of course, there is a back-door so techs could reset or debug the unit if
> they didn't have the password. Unfortunately, this backdoor is not limited
> to the console port like it should be. It is possible to telnet to the
> switch, enter a "secret code" (which is readily available, for everyone's
> sake I won't give it out here) and do a memory dump to see the plaintext
> password.
>
> Solution: 3COM - limit this functionality to the console port ONLY.
> End-user - add an access list to filter telnet to your switch's IP address
> from outside your network.
>
> P.S. If anyone knows where to get the 100btx cards for this thing, please
> e-mail me!
>
> Regards,
>

3COM did put out a patch for this, though it was rather quietly - it also affects all CoreBuilder switches. Fortunately, I only buy un-managed 3COM stuff. Everything that is a switch (or above) is Cisco.

--
- Lou Anschuetz, louat_private
Network Manager, ECE, Carnegie Mellon University
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:25:23 PDT