Obviously, one of our external cisco-devices with default-password set was compromised: telnet cisco.customer.xx Trying a.b.c.d... Connected to a.b.c.d. Escape character is '^]'. Compromised Please don't use default passwords User Access Verification Password: Anybody knows a script/scanner doing this stuff? I know tools like CScan, but none of them changes password and logon-message. And anybody has a clue about the password?? (it was, yeah, 'cisco' - but the hacker changed it...) Thomas Springer ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Thu Apr 25 2002 - 09:16:40 PDT