Warning: Cisco RW community backdoor.
Stephen Griffin
stephen.griffin at rcn.com
Tue Feb 27 03:53:34 UTC 2001
In the referenced message, Sean Donelan said:
>
> > ----- Forwarded message from "James A. T. Rice" <jamesr at rd.bbc.co.uk> -----
> > If your router responds to `snmpwalk router.isp.net.uk ILMI`, you
> > probabally will want to do the following to disable it:
> > conf t
> > snmp-server community ILMI RO 99
> > access-list 99 deny any log
> > (pick another spare access-list if 99 isn't available)
>
> should be RW not RO
>
> Anyone with a Smartnet contract have a response from Cisco yet? I really
> need to get my own Smartnet number.
Cisco was supposed to announce the data tomorrow as I understand it, the
leaks (as they often do) just made the word-of-mouth->closed lists->open
lists trek far quicker.
I'm a bit surprised, however, that it took this long. First rumblings
I heard were weeks ago, in response to it poking up in a "show snmp group".
More information about the NANOG
mailing list