Full Disclosure mailing list archives
Re: cisco acl
From: Alexandru Balan <jay () ines ro>
Date: Mon, 08 Dec 2003 15:44:59 +0200
actually i'd reocommend cracking the current password and logging on with it. If you can hook it up on serial and have access to sh run to see the crypted password you can run an old tool like ciscocrack.c ( google for it ) and you should have the attacker's password On Fri, 2003-12-05 at 14:45, isa vaul wrote:
Hello full-disclosure, I've got a little problem with a cisco router. It has obviously been compromised. How do i know, well the password has changed. So I want to retrieve the ACL from the RAM (not NVRAM) to see what else maybe got compromised. Does anyone know how this could be done? thanks for any suggestions in advance...
-- Jay Public GnuPG key AAB551A4 available at http://www.ines.ro/public_keys/jay.gpg
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- cisco acl isa vaul (Dec 05)
- Re: cisco acl petard (Dec 05)
- Re[2]: cisco acl isa vaul (Dec 05)
- Re: cisco acl Cael Abal (Dec 05)
- Re: Re[2]: cisco acl vb (Dec 05)
- Re: cisco acl Anton Ivanov (Dec 05)
- Re[2]: cisco acl isa vaul (Dec 05)
- Re: cisco acl petard (Dec 05)
- Re: cisco acl vb (Dec 05)
- Re: cisco acl Paulo Pereira (Dec 05)
- Re: cisco acl Alexandru Balan (Dec 08)
- <Possible follow-ups>
- RE: cisco acl Patrick Doyle (Dec 05)
- RE: cisco acl Noren, Bill (Dec 05)
- RE: Re[2]: cisco acl Anthony Clendenen (Dec 05)
- RE: Re[2]: cisco acl Keith Pachulski (Dec 05)
- RE: cisco acl Clint Bodungen (Dec 05)
- RE: cisco acl Tonneson, Thomas (Dec 05)