[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] RE: Full-Disclosure digest, Vol 1 #1314 - 27 msgs

To: Daniel Sichel <daniels@ponderosatel.com>
Subject: Re: [Full-Disclosure] RE: Full-Disclosure digest, Vol 1 #1314 - 27 msgs
From: Valdis.Kletnieks@vt.edu
Date: Mon, 08 Dec 2003 13:01:55 -0500

On Mon, 08 Dec 2003 08:18:03 PST, Daniel Sichel <daniels@ponderosatel.com>  
said:
> I've got a little problem with a cisco router.
> >   It has obviously been compromised. How do i know, well the password
> >   has changed. So I want to retrieve the ACL from the RAM (not NVRAM)
> >   to see what else maybe got compromised.
> >   Does anyone know how this could be done?
> 
> This is probably way too late to be helpful, but set up a tftp server on
> a workstation, telnet to the router, and "copy run tftp". 

Gaak.  It will let you do that without a password???

Attachment: pgp00019.pgp
Description: PGP signature

Follow-Ups:
- [Full-Disclosure] points of analysis
  - From: "Akbar Ali" <kaber@aliansystems.com>
- Re: [Full-Disclosure] RE: Full-Disclosure digest, Vol 1 #1314 - 27 msgs
  - From: "Gregory A. Gilliss" <ggilliss@netpublishing.com>

References:
- [Full-Disclosure] RE: Full-Disclosure digest, Vol 1 #1314 - 27 msgs
  - From: "Daniel Sichel" <daniels@ponderosatel.com>

Prev by Date: [Full-Disclosure] rpc.mountd Vulnerabilities update on IRIX
Next by Date: [Full-Disclosure] points of analysis
Previous by thread: [Full-Disclosure] RE: Full-Disclosure digest, Vol 1 #1314 - 27 msgs
Next by thread: [Full-Disclosure] points of analysis
Index(es):
- Date
- Thread