Vulnerability Development mailing list archives
Re: news story and router passwords
From: Mark Teicher <mark.teicher () NETWORKICE COM>
Date: Sun, 15 Oct 2000 10:05:42 -0700
On an Ascend box: Once can use SNMP (sysReset object) to reset an Ascend Router from an SNMP Manager. After the Reset command is issue, the Ascend will attempt to confirm the request before the unit is reset. In my example, two SNMP_Set requests are sent, the first one is received and the second one is the confirmation (2nd request). Information held in the Ascend Events Group is erase and its values are intialized when the Ascend router is reset by software. The SNMP object (sysAbsoluteStartUpTime is the time in second since January 1, 1990) and is not modified. One can reset this value to 0 in order to reset back to factory defaults. Very similiar if one send an 'fclear' which basically returns an Ascend box to its factory set defaults. But as I stated before, I know very little about SNMP and it's capabilities.. /mark At 06:49 PM 10/14/00 -0600, Richard Johnson wrote:
At 11:10 -0600 on 10/12/2000, Vachon, Scott wrote: > >Frankly speaking I'd suppose that they just did not back up their >config > :) > >(because it looks like they even did not use access-lists etc.) > > >From reading the article is sounds as if a simple script kiddie found an > easy and unprotected target. Where these fools too simple-minded to > physically remove the stricken (and apparently blocking) gear from the > network and rework it ? This is apparently more difficult with an Ascend router that uses SNMP only for configuration (no console access?), and apparently has no 'lobotomy' switch for at least temporarily resetting to known default password or configuration. Still, 11 days to arrange replacement hardware is a bit severe for a provider only half an hour away from the Denver metro area. At least now they know they can hit a number of locals up for emergency loaners in the future. Richard
Current thread:
- Re: news story and router passwords Vachon, Scott (Oct 12)
- Re: news story and router passwords Richard Johnson (Oct 14)
- Re: news story and router passwords Mark Teicher (Oct 15)
- Re: news story and router passwords Talisker (Oct 16)
- Re: news story and router passwords Mark Teicher (Oct 16)
- Re: news story and router passwords Mark Teicher (Oct 15)
- Re: news story and router passwords Richard Johnson (Oct 14)
- <Possible follow-ups>
- Re: news story and router passwords none none (Oct 12)
- Re: news story and router passwords Mr Rufus Faloofus (Oct 12)
- Re: news story and router passwords Vitaly McLain (Oct 13)
- Re: news story and router passwords bugtraq (Oct 13)
- Re: news story and router passwords antirez (Oct 14)
- Re: news story and router passwords Bluefish (P.Magnusson) (Oct 14)
- Re: news story and router passwords bug tracker (Oct 14)
- Re: news story and router passwords Mark Teicher (Oct 14)