compromised cisco

From: Thomas Springer (tuevat_private)
Date: Thu Apr 25 2002 - 04:08:46 PDT

Next message: jlewisat_private: "Re: compromised cisco"

Previous message: Matt Zimmerman: "Re: ftp"
Next in thread: jlewisat_private: "Re: compromised cisco"
Reply: jlewisat_private: "Re: compromised cisco"
Reply: Gordon Ewasiuk: "Re: compromised cisco"
Reply: george johnson: "Re: compromised cisco"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Obviously, one of our external cisco-devices with default-password set was
compromised:

	telnet cisco.customer.xx
	Trying a.b.c.d...
	Connected to a.b.c.d.
	Escape character is '^]'.

	Compromised
	Please don't use default passwords

	User Access Verification

	Password:

Anybody knows a script/scanner doing this stuff?
I know tools like CScan, but none of them changes password and logon-message.
And anybody has a clue about the password?? (it was, yeah, 'cisco' - but
the hacker changed it...)



Thomas Springer


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: jlewisat_private: "Re: compromised cisco"
Previous message: Matt Zimmerman: "Re: ftp"
Next in thread: jlewisat_private: "Re: compromised cisco"
Reply: jlewisat_private: "Re: compromised cisco"
Reply: Gordon Ewasiuk: "Re: compromised cisco"
Reply: george johnson: "Re: compromised cisco"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Apr 25 2002 - 09:16:40 PDT