Re: What to do if Cisco router & switches got hacked ?

From: Jimi Thompson (jimit_at_myrealbox.com)
Date: 01/03/04

  • Next message: Ansgar -59cobalt- Wiechers: "Re: compromised network"
    Date: Sat, 03 Jan 2004 00:26:55 -0600
    To: yfs us <yfs_168us@yahoo.com>
    
    

    First off,

    You should probably be configuring your Cisco devices to use RADIUS and
    some sort of token for authentication to keep from getting hacked.
    Cisco IOS's weakest point is probably it's authentication. You should
    also be patching your IOS and checking your configuration. Since IBM
    seems to be handling your problem for you, why don't you ask them?
    ISP's don't typically help you hunt a hacker, so they don't seem to be
    out of line on this. Your odds of finding the person who did this a
    very small. Yes, you need good qualifications to go hacker hunting. 1)
    "real" hackers don't like to be hunted and tend to make life difficult
    for those that hunt them and 2) they are usually good enough to be very
    difficult to trace. Even script kiddies can be quite difficult to trace.

    HTH,

    Jimi

    yfs us wrote:

    >Hi All,
    >
    > Just want to find out does anyone here came
    >across
    >the cisco switches & router got hacked. I'm not sure
    >which
    >one actually got hacked coz I'm not a security expert.
    >I do
    >notice that sometime my switches & router refuse to
    >accept
    >connection. But when I change to a new want every
    >things
    >work fine.
    > I do ask the IBM technical support & they told
    >me that
    >it was hacked. So now once a week I need to call the
    >IBM
    >support to fix it. They usually replace it. I'm
    >wondering
    >how do I prevent these in the future.
    > Besides these I too like to know how do I track
    >the
    >hacker ? I had mail my ISP & they reply please go &
    >hire a security expert with a good qualification. Is
    >these
    >what one usually get if they need help from the ISP ?
    >It looks
    >like the ISP suck or they r the one who did it. Or
    >time to change
    >ISP.
    > Does one really need to have a good qualification
    >to hunt
    >the hacker ? As far as I know everyone is a hacker the
    >only
    >different is some is good & some is lousy coz hacker r
    >not
    >born they too go thru a pain in the ass experince b4
    >they
    >really call them self a elite haxor.
    >
    > All help r welcome.
    >
    >Cheers
    >
    >__________________________________
    >Do you Yahoo!?
    >Find out what made the Top Yahoo! Searches of 2003
    >http://search.yahoo.com/top2003
    >
    >---------------------------------------------------------------------------
    >----------------------------------------------------------------------------
    >
    >
    >
    >
    >

    ---------------------------------------------------------------------------
    ----------------------------------------------------------------------------


  • Next message: Ansgar -59cobalt- Wiechers: "Re: compromised network"

    Relevant Pages

    • Re: My contact form is not emailed to me
      ... a hacker could figure that out and use his own form to try to ... past the authentication without somehow knowing the names and addresses, ... you can hire someone to check your code - but you'll be much better off reading and learning on your own so you can write secure code. ... security risk report. ...
      (comp.lang.php)
    • Re: Strong Name and authentication
      ... but I'm not sure how a hacker would be able to ... won't be able to make a second hop to my remote object. ... I'd love to use an identity-based authentication model but I ... >> I want to ensure that only some assemblies will be able to call my ...
      (microsoft.public.dotnet.framework.remoting)
    • Re: Wireless security
      ... exchange of a passcode and/or authentication by me, so the would be hacker didn't get far. ... Spoilsport. ... How are the police meant to earn a living if people prevent crime themselves? ...
      (uk.business.agriculture)
    • Re: Wireless security
      ... exchange of a passcode and/or authentication by me, so the would be hacker didn't get far. ... Spoilsport. ... How are the police meant to earn a living if people prevent crime themselves? ...
      (uk.business.agriculture)
    • Re: Problems with syslogd under 5.2-RELEASE
      ... >> Maybe, I'm running a serial console on this machine, and I changed over ... >> to a Cisco box. ... FreeBSD (cvs meister, admin and hacker) ... Physics Particle Theory http://www.pact.cpes.sussex.ac.uk/ ...
      (freebsd-current)