----- Forwarded message from "James A. T. Rice" -----
Date: Tue, 27 Feb 2001 00:39:38 +0000 (GMT)
From: "James A. T. Rice"
X-Sender:
To: ,
Subject: Warning: Cisco RW community backdoor.
Precedence: bulk
If your router responds to `snmpwalk router.isp.net.uk ILMI`, you
probabally will want to do the following to disable it:
conf t
snmp-server community ILMI RO 99
access-list 99 deny any log
(pick another spare access-list if 99 isn't available)
If you dont, assuming your ios/hardware combination supports it,
(most of the bigger routers do) anyone can do things like:
`snmpset router.isp.net.uk ILMI system.sysName.0 s \
"ALL YOUR ROUTER ARE BELONG TO US."`
Thats a harmless example. You can do almost anything with RW snmp.
Warm Regards
James
--
James A. T. Rice | Email: jamesr(a)rd.bbc.co.uk
Internet Operations Engineer | Phone: 01737 839 737
BBC Internet Services, Kingswood Warren, Tadworth, Surrey, UK.
----- End forwarded message -----
---------
To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz
where the body of your message reads:
unsubscribe nznog
