[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] RE: Full-Disclosure digest, Vol 1 #1314 - 27 msgs
- To: full-disclosure@lists.netsys.com
- Subject: Re: [Full-Disclosure] RE: Full-Disclosure digest, Vol 1 #1314 - 27 msgs
- From: "Gregory A. Gilliss" <ggilliss@netpublishing.com>
- Date: Mon, 8 Dec 2003 11:02:31 -0800
Actually, no. The copy command is privileged, and requires enable access.
G
On or about 2003.12.08 13:01:55 +0000, Valdis.Kletnieks@vt.edu
(Valdis.Kletnieks@vt.edu) said:
> On Mon, 08 Dec 2003 08:18:03 PST, Daniel Sichel <daniels@ponderosatel.com>
> said:
> > I've got a little problem with a cisco router.
> > > It has obviously been compromised. How do i know, well the password
> > > has changed. So I want to retrieve the ACL from the RAM (not NVRAM)
> > > to see what else maybe got compromised.
> > > Does anyone know how this could be done?
> >
> > This is probably way too late to be helpful, but set up a tftp server on
> > a workstation, telnet to the router, and "copy run tftp".
>
> Gaak. It will let you do that without a password???
>
--
Gregory A. Gilliss, CISSP E-mail: greg@gilliss.com
Computer Security WWW: http://www.gilliss.com/greg/
PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 8C A3
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html