Verified using tcpdump, the flowpoint configuration manager indeed does use SNMP to communicate, hence the simple solution would be turn off SNMP [And telnet] (you shouldn't be running this if you don't need to anyway). Although it does discourage me that even after I flashed my router to v3.0.8, the login prompt [for Telnet]does not disconnect me after a certain number of retries (3, like Cisco IOS, would be a decent number). Regards, Chris J Burris IntraACTIVE, Inc. http://www.intraactive.com/ +1 202 822 3999 On Tue, 10 Aug 1999, Scott Drassinower wrote: > Brute force, as it is not likely you will know what the number is without > physical access to the router. > > If you were to block telnet and snmp access to the router, then you > probably would only have to worry about access via the console port. I > think that FlowPoint's graphical admin tools use snmp, but if they don't, > you'll have to figure out how to block those as well. > > -- > Scott M. Drassinower scottdat_private > Cloud 9 Consulting, Inc. White Plains, NY > +1 914 696-4000 http://www.cloud9.net > > On Tue, 10 Aug 1999, Eric Budke wrote: > > > At 12:07 PM 8/7/99 -0400, Scott Drassinower wrote: > > >It involves a bug that allows a password recovery feature to be utilized > > >from the LAN or WAN instead of just the serial console port. > > > > > >Basically, throwing enough 6 digit numbers at a pre-3.0.8 router will > > >allow you to get access to the box to do whatever you want. It appears as > > >if the problem started in 3.0.4, but I am not totally certain about that. > > > > So the vulnerability is essentially a brute force against telnet/snmp? > > Assuming you filter those out, is there another way of accessing? > > > > >-- > > > Scott M. Drassinower scottdat_private > > > Cloud 9 Consulting, Inc. White Plains, NY > > > +1 914 696-4000 http://www.cloud9.net > > > > > >On Thu, 5 Aug 1999, Matt wrote: > > > > > > > The following URL contains information about a firmware upgrade for > > > > FlowPoint DSL routers that fixes a possible "security compromise". > > > > FlowPoint has chosen not to release ANY information whatsoever about the > > > > vulnerability. I was curious if anyone had any more information > > > > about this vulnerability than what FlowPoint is divulging. > > > > > > > > http://www.flowpoint.com/support/techbulletin/sec308.htm > > > > > > > > thnx > > > > > > > > -- > > > > I'm not nice, I'm vicious--it's the secret of my charm. > > > > > > > > -- > > PGP Key can be found at http://www.panix.com/~budke/pgp/budke_budke_com.txt > > >
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:56:05 PDT