North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Warning: Cisco RW community backdoor.
It appears that 2500 are not affected. The fix below doesn't work on 11.1 and 11.2 , you have to turn snmp off by the looks. have fun. ----- Forwarded message from "James A. T. Rice" <[email protected]> ----- Date: Tue, 27 Feb 2001 00:39:38 +0000 (GMT) From: "James A. T. Rice" <[email protected]> X-Sender: <[email protected]> To: <[email protected]>, <[email protected]> Subject: Warning: Cisco RW community backdoor. Precedence: bulk If your router responds to `snmpwalk router.isp.net.uk ILMI`, you probabally will want to do the following to disable it: conf t snmp-server community ILMI RO 99 access-list 99 deny any log (pick another spare access-list if 99 isn't available) If you dont, assuming your ios/hardware combination supports it, (most of the bigger routers do) anyone can do things like: `snmpset router.isp.net.uk ILMI system.sysName.0 s \ "ALL YOUR ROUTER ARE BELONG TO US."` Thats a harmless example. You can do almost anything with RW snmp. Warm Regards James -- James A. T. Rice | Email: [email protected] Internet Operations Engineer | Phone: 01737 839 737 BBC Internet Services, Kingswood Warren, Tadworth, Surrey, UK. ----- End forwarded message ----- --------- To unsubscribe from nznog, send email to [email protected] where the body of your message reads: unsubscribe nznog
|