On Tue, 29 Jan 2002 22:06:39 -0600 Dustin Puryear <dpuryear@usa.net>
writes:
> At 07:39 PM 1/29/2002 -0600, you wrote:
>What happens when those DHCP servers get hacked (I said when,
> not if)? The entire network is at risk. BSD, Linux, Solaris,
whatever...
> some unix flavor, but windoze is simply not an option, period.
> Hey, dont forget good ol IOS .... it does DHCP too ;-)
> It also gets hacked. Didn't a recent version of IOS have a bug where
> you could bypass the web-based interface authentication? Perhaps that
> was the PIX specific.. I remember getting the bulletin from Cisco when
I was
> managing some PIX firewalls.
>
> Regards, Dustin
>
If its the one I am thinking of, it affected almost every cisco
device running IOS if, and only if, they were running the http server
(unless they were running IP6 or something along those lines, in which
case you couldn't shut off the http server on some versions of the
software). If I remember correctly it didn't affect PIX, because PIX
doesn't really run IOS... or so I thought. Plus who does web based
configs anyway? ;p I didnt think the web server was enabled by default
except on a few routers (100x numbers perhaps?) Rambling now... must
sleep.
- Fritz
-
________________________________________________________________
GET INTERNET ACCESS FROM JUNO!
Juno offers FREE or PREMIUM Internet access for less!
Join Juno today! For your FREE software, visit:
http://dl.www.juno.com/get/web/.
___________________
Nolug mailing list
nolug@nolug.org
Received on 01/30/02
This archive was generated by hypermail 2.2.0 : 12/19/08 EST