compromised cisco
From: Thomas Springer (tuev@serveraudit.net)Date: 04/25/02
- Previous message: zeno: "Re: Big traffic on 412/tcp"
- Next in thread: jlewis@lewis.org: "Re: compromised cisco"
- Reply: jlewis@lewis.org: "Re: compromised cisco"
- Reply: Gordon Ewasiuk: "Re: compromised cisco"
- Reply: george johnson: "Re: compromised cisco"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 25 Apr 2002 13:08:46 +0200 To: incidents@securityfocus.com From: Thomas Springer <tuev@serveraudit.net>
Obviously, one of our external cisco-devices with default-password set was
compromised:
telnet cisco.customer.xx
Trying a.b.c.d...
Connected to a.b.c.d.
Escape character is '^]'.
Compromised
Please don't use default passwords
User Access Verification
Password:
Anybody knows a script/scanner doing this stuff?
I know tools like CScan, but none of them changes password and logon-message.
And anybody has a clue about the password?? (it was, yeah, 'cisco' - but
the hacker changed it...)
Thomas Springer
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Previous message: zeno: "Re: Big traffic on 412/tcp"
- Next in thread: jlewis@lewis.org: "Re: compromised cisco"
- Reply: jlewis@lewis.org: "Re: compromised cisco"
- Reply: Gordon Ewasiuk: "Re: compromised cisco"
- Reply: george johnson: "Re: compromised cisco"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
