Vulnerability Development mailing list archives
Re: news story and router passwords
From: Talisker <Talisker () NETWORKINTRUSION CO UK>
Date: Mon, 16 Oct 2000 18:26:33 +0100
Hi All I've just had this passed to me and it seemed relevant http://www.solarwinds.net/Tools/Professional+/ It's a network discovery/management tool but it also includes a bruteforce SNMP community name tester which is nice (in a sad geeky kinda way) Andy http://www.networkintrusion.co.uk Talisker's comprehensive IDS & Scanner List ''' (0 0) ----oOO----(_)---------- | The geek shall | | Inherit the earth | -----------------oOO---- |__|__| || || ooO Ooo The opinions contained within this transmission are entirely my own, and do not necessarily reflect those of my employer. ----- Original Message ----- From: "Mark Teicher" <mark.teicher () NETWORKICE COM> To: <VULN-DEV () SECURITYFOCUS COM> Sent: Sunday, October 15, 2000 6:05 PM Subject: Re: news story and router passwords
On an Ascend box: Once can use SNMP (sysReset object) to reset an Ascend Router from an SNMP Manager. After the Reset command is issue, the Ascend will attempt to confirm the request before the unit is reset. In my example, two SNMP_Set requests are sent, the first one is received and the second one is the confirmation (2nd request). Information held in the Ascend Events Group is erase and its values are intialized when the Ascend router is reset by software. The SNMP object (sysAbsoluteStartUpTime is the time in second since January 1, 1990) and is not modified. One can reset this value to 0 in order to reset back to factory defaults. Very similiar if one send an 'fclear' which basically returns an Ascend
box
to its factory set defaults. But as I stated before, I know very little about SNMP and it's
capabilities..
/mark At 06:49 PM 10/14/00 -0600, Richard Johnson wrote:At 11:10 -0600 on 10/12/2000, Vachon, Scott wrote:Frankly speaking I'd suppose that they just did not back up theirconfig:)(because it looks like they even did not use access-lists etc.)From reading the article is sounds as if a simple script kiddie found
an
easy and unprotected target. Where these fools too simple-minded to physically remove the stricken (and apparently blocking) gear from the network and rework it ?This is apparently more difficult with an Ascend router that uses SNMP
only
for configuration (no console access?), and apparently has no 'lobotomy' switch for at least temporarily resetting to known default password or configuration. Still, 11 days to arrange replacement hardware is a bit severe for a provider only half an hour away from the Denver metro area. At least now they know they can hit a number of locals up for emergency loaners in the future. Richard
Current thread:
- Re: news story and router passwords Vachon, Scott (Oct 12)
- Re: news story and router passwords Richard Johnson (Oct 14)
- Re: news story and router passwords Mark Teicher (Oct 15)
- Re: news story and router passwords Talisker (Oct 16)
- Re: news story and router passwords Mark Teicher (Oct 16)
- Re: news story and router passwords Mark Teicher (Oct 15)
- Re: news story and router passwords Richard Johnson (Oct 14)
- <Possible follow-ups>
- Re: news story and router passwords none none (Oct 12)
- Re: news story and router passwords Mr Rufus Faloofus (Oct 12)
- Re: news story and router passwords Vitaly McLain (Oct 13)
- Re: news story and router passwords bugtraq (Oct 13)
- Re: news story and router passwords antirez (Oct 14)
- Re: news story and router passwords Bluefish (P.Magnusson) (Oct 14)
- Re: news story and router passwords bug tracker (Oct 14)
- Re: news story and router passwords Mark Teicher (Oct 14)
- Re: news story and router passwords Lincoln Yeoh (Oct 15)
- Re: news story and router passwords Mark Teicher (Oct 14)