Is my router owned? How would I know?

Mikael Abrahamsson swmike at swm.pp.se
Sat Jan 14 10:25:42 UTC 2006


On Sat, 14 Jan 2006, Alexei Roudnev wrote:

> Some Cisco IOSes have numerous bugs related to SNMP (I watched a few cases
> when all Cisco's 72xx lost configuration because of receiving something
> bogus), so SNMP should be filtered out from public internet.

The major problem people forget is that snmp is UDP and if there is any 
way whatsoever to spoof your management station, someone will be able to 
upload your config to wherever unless you have tightened down what can be 
done via snmp write.

As soon as they have your config they're likely to be able to progress 
further unless you have very tight security.

Also remember that the private key for SSH is in the config so if they get 
it, ssh offers no protection either.

Rule of thumb: All keys (tacacs keys, snmp communities etc) should be 
unique for each device, so if someone gets the config, they cannot use the 
information on other devices in your network.

-- 
Mikael Abrahamsson    email: swmike at swm.pp.se
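
Added example, not part of the original message: a small audit that checks a set of saved IOS-style configs against the rule of thumb above, reporting secrets reused across devices and SNMP RW communities with no access list attached. The hostnames, communities and keys in SAMPLE are constructed, and the parser assumes the common "snmp-server community <string> RO|RW [acl]" and "tacacs-server key [type] <key>" line forms.

```python
import re
from collections import defaultdict

# Assumed line forms (common IOS syntax); other variants are not parsed.
SNMP_RE = re.compile(r"^snmp-server community (\S+)\s+(RO|RW)(?:\s+(\S+))?\s*$", re.I)
# Optional encryption-type digit; type 7 strings are compared as stored, so the
# same key encoded with a different offset will not be matched.
TACACS_RE = re.compile(r"^tacacs-server key (?:[07] )?(\S+)\s*$", re.I)

def parse_secrets(config_text):
    """Return (kind, secret, mode, acl) tuples found in one device config."""
    found = []
    for line in config_text.splitlines():
        line = line.strip()
        m = SNMP_RE.match(line)
        if m:
            found.append(("snmp-community", m.group(1), m.group(2).upper(), m.group(3)))
            continue
        m = TACACS_RE.match(line)
        if m:
            found.append(("tacacs-key", m.group(1), None, None))
    return found

def audit(configs):
    """configs maps hostname -> config text. Returns (shared, open_rw)."""
    seen = defaultdict(set)  # (kind, secret) -> hostnames using it
    open_rw = set()          # hosts with an RW community and no ACL
    for host, text in configs.items():
        for kind, secret, mode, acl in parse_secrets(text):
            seen[(kind, secret)].add(host)
            if mode == "RW" and acl is None:
                open_rw.add(host)
    shared = {k: sorted(v) for k, v in seen.items() if len(v) > 1}
    return shared, sorted(open_rw)

# Constructed sample configs: every name and secret here is made up.
SAMPLE = {
    "edge1": "snmp-server community c0mm-ro RO 10\nsnmp-server community c0mm-rw RW\ntacacs-server key tk-edge1\n",
    "edge2": "snmp-server community c0mm-ro RO 10\ntacacs-server key tk-edge2\n",
    "core1": "snmp-server community core1-rw RW 10\ntacacs-server key tk-edge1\n",
}

if __name__ == "__main__":
    shared, open_rw = audit(SAMPLE)
    for (kind, _secret), hosts in sorted(shared.items()):
        print(f"{kind} reused on: {', '.join(hosts)}")  # secret itself not printed
    for host in open_rw:
        print(f"{host}: SNMP RW community without an access list")
```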


