Re: What to do if Cisco router & switches got hacked ?

From: Jimi Thompson (jimit_at_myrealbox.com)
Date: 01/03/04

  • Next message: Ansgar -59cobalt- Wiechers: "Re: compromised network"
    Date: Sat, 03 Jan 2004 00:26:55 -0600
    To: yfs us <yfs_168us@yahoo.com>
    
    

    First off,

    You should probably be configuring your Cisco devices to use RADIUS and
    some sort of token for authentication to keep from getting hacked.
    Cisco IOS's weakest point is probably it's authentication. You should
    also be patching your IOS and checking your configuration. Since IBM
    seems to be handling your problem for you, why don't you ask them?
    ISP's don't typically help you hunt a hacker, so they don't seem to be
    out of line on this. Your odds of finding the person who did this a
    very small. Yes, you need good qualifications to go hacker hunting. 1)
    "real" hackers don't like to be hunted and tend to make life difficult
    for those that hunt them and 2) they are usually good enough to be very
    difficult to trace. Even script kiddies can be quite difficult to trace.

    HTH,

    Jimi

    yfs us wrote:

    >Hi All,
    >
    > Just want to find out does anyone here came
    >across
    >the cisco switches & router got hacked. I'm not sure
    >which
    >one actually got hacked coz I'm not a security expert.
    >I do
    >notice that sometime my switches & router refuse to
    >accept
    >connection. But when I change to a new want every
    >things
    >work fine.
    > I do ask the IBM technical support & they told
    >me that
    >it was hacked. So now once a week I need to call the
    >IBM
    >support to fix it. They usually replace it. I'm
    >wondering
    >how do I prevent these in the future.
    > Besides these I too like to know how do I track
    >the
    >hacker ? I had mail my ISP & they reply please go &
    >hire a security expert with a good qualification. Is
    >these
    >what one usually get if they need help from the ISP ?
    >It looks
    >like the ISP suck or they r the one who did it. Or
    >time to change
    >ISP.
    > Does one really need to have a good qualification
    >to hunt
    >the hacker ? As far as I know everyone is a hacker the
    >only
    >different is some is good & some is lousy coz hacker r
    >not
    >born they too go thru a pain in the ass experince b4
    >they
    >really call them self a elite haxor.
    >
    > All help r welcome.
    >
    >Cheers
    >
    >__________________________________
    >Do you Yahoo!?
    >Find out what made the Top Yahoo! Searches of 2003
    >http://search.yahoo.com/top2003
    >
    >---------------------------------------------------------------------------
    >----------------------------------------------------------------------------
    >
    >
    >
    >
    >

    ---------------------------------------------------------------------------
    ----------------------------------------------------------------------------


  • Next message: Ansgar -59cobalt- Wiechers: "Re: compromised network"