RE: What to do if Cisco router & switches got hacked ?

From: Francisco Mário Ferreira Custódio (fcustodio_at_eda.pt)
Date: 12/31/03

    To: yfs us <yfs_168us@yahoo.com>
    Date: Wed, 31 Dec 2003 17:24:03 -0100
    
    

    Hi!

    In my point of view, hacking a router/switch does only make sense in two
    occasions:

    - the attacker "hacks" into the router/switch to get information about the
    network, to plan the attack.
    - the attacker just wants to shutdown communications by conducting a DOS
    attack to the router/switch.

    IBM just changes the hardware....this is not a good practice.

    I advise you to harden your router/switch...by changing all passwords, using
    strong SNMP community names, using the latest IOS, providing good physical
    security, use authentication in the routers (rather than a simple telnet
    password) and using a syslog server to "see" what's going on.

    You should also make sure that you're running the right IOS, a few months
    ago...Cisco had a problem with some router platforms, the result was a
    router crash...so be sure to check Cisco's advisories.

    If you follow these procedures, you can avoid problems...and check what
    caused the router/switch to stop responding. Also ensure that only
    networking personnel have access to the routers.

    Cheers everybody and a happy new year!

    Francisco.

    -----Original Message-----
    From: yfs us [mailto:yfs_168us@yahoo.com]
    Sent: Wednesday, 31 December 2003 0:55
    To: security-basics@securityfocus.com
    Subject: What to do if Cisco router & switches got hacked ?

    Hi All,

    Just want to find out does anyone here came across the cisco switches
    & router got hacked. I'm not sure which one actually got hacked coz I'm not
    a security expert. I do notice that sometimes my switches & router refuse
    to accept connections. But when I change to a new one everything works fine.

    I do ask the IBM technical support & they told me that it was hacked.
    So now once a week I need to call the IBM support to fix it. They usually
    replace it. I'm wondering how do I prevent these in the future.

    Besides these I too like to know how do I track the hacker ? I had
    mailed my ISP & they replied please go & hire a security expert with a good
    qualification. Is this what one usually gets if they need help from the ISP ?
    It looks like the ISP suck or they r the one who did it. Or time to change ISP.

    Does one really need to have a good qualification to hunt the hacker ?
    As far as I know everyone is a hacker the only difference is some is good &
    some is lousy coz hacker r not born they too go thru a pain in the ass
    experience b4 they really call them self a elite haxor.

    All help r welcome.

    Cheers
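
The hardening points in the reply above (SNMP community names, per-user authentication instead of a shared telnet password, a syslog server) can be checked against a saved configuration. The following is an added example, not part of the original thread: a small Python audit over IOS-style config text. Both sample configurations, the hostnames, the community strings, the weak-name list and the function name `audit_ios_config` are constructed for illustration.

```python
import re

# Constructed sample configs (not from the original thread).
WEAK_CONFIG = """\
hostname edge-rtr
snmp-server community public RO
line vty 0 4
 password letmein
 login
"""

HARDENED_CONFIG = """\
hostname edge-rtr
aaa new-model
aaa authentication login default local
username netadmin secret 0 ExamplePlaceholder
snmp-server community n3tM0n-7fQx RO
logging host 192.0.2.10
line vty 0 4
 login authentication default
"""

# Assumption: a short list of commonly guessed community names.
WEAK_COMMUNITIES = {"public", "private", "cisco", "secret"}

def audit_ios_config(text):
    """Return a sorted list of findings for an IOS-style configuration."""
    findings = set()
    lines = [l.rstrip() for l in text.splitlines()]
    has_aaa = any(l.strip() == "aaa new-model" for l in lines)
    # Accept both "logging host A.B.C.D" and the older "logging A.B.C.D".
    if not any(re.match(r"logging (host )?\d+\.\d+\.\d+\.\d+", l) for l in lines):
        findings.add("no remote syslog server configured")
    in_vty = False
    for line in lines:
        if not line.startswith(" "):          # a new top-level section starts
            in_vty = line.startswith("line vty")
        stripped = line.strip()
        m = re.match(r"snmp-server community (\S+)", stripped)
        if m and m.group(1).lower() in WEAK_COMMUNITIES:
            findings.add(f"guessable SNMP community: {m.group(1)}")
        # Bare "login" under a vty means the shared line password is used.
        if in_vty and stripped == "login" and not has_aaa:
            findings.add("vty login uses a shared line password (no AAA)")
    return sorted(findings)

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit_ios_config(cfg))
```
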
