If I was a saboteur, I don't think I'd even bother with TAC, I'd just crack
the passwords and have my way, heh. Also, 95% of my TAC calls are opened
with new router serial numbers and my CCO username given to jump me right
into talking to a TAC engineer.
Plus, you don't even need a CCO login to get to the Password Recovery pages:
http://www.cisco.com/warp/public/474/index.shtml
We were troubleshooting cas-group commands and replacing an AdTran Atlas 550
that was acting as a CSU/DSU splitting off DS0's between a frame relay
connection and trunks to a long distance carrier. Cisco couldn't get why
the command wasn't functioning right and one of their engineers wanted to
get in and do some diagnostics.
I think Priscilla has been watching too many X-Files episodes ;-p
--
Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+
List email: [EMAIL PROTECTED]
Homepage: http://jason.artoo.net/
Cisco resources: http://r2cisco.artoo.net/
""Kevin Wigle"" <[EMAIL PROTECTED]> wrote in message
00b601c081d0$985ebc60$[EMAIL PROTECTED]">news:00b601c081d0$985ebc60$[EMAIL PROTECTED]...
> I don't think its so fishy and I don't think Cisco could be faulted in any
> way.
>
> My reading is that the "guy" was working with Cisco on a problem.
>
> Therefore this "guy" must have some responsibility for the network.
>
> Cisco would have to think that this guy knows what he's doing since he has
> the wherewithal to get into the company's network and then get into
routers
> to configure them.
>
> It depends I guess on how far your conspiracy feelings go, if the "guy"
was
> bogus and had all the passwords etc, then how is Cisco to know?
>
> Doesn't TAC have to deal with a registered contact?
>
> Kevin Wigle
>
> ----- Original Message -----
> From: "Priscilla Oppenheimer" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
> Sent: Thursday, 18 January, 2001 22:51
> Subject: Re: Remote Telnet access via dial-up
>
>
> > At 07:32 PM 1/18/01, Erick B. wrote:
> > >I don't understand how companys can have main network
> > >equipment (routers, etc) accessible over the internet
> > >with telnet (and other mgmt services) running *with*
> > >no passwords or filters. I see it on a regular
> > >occurance.
> >
> > That is amazing. But in this case the company had a lot of security, it
> > sounds like. It was not possible to get into the routers until this guy
> > opened up a backdoor and let Cisco engineers Telnet in over a dial-up
line
> > connected to his PC. I can't believe Cisco engineers would thwart their
> > customer's security policy in that way. I think the story sounds fishy.
> >
> > Priscilla
> >
> >
> > >--- Priscilla Oppenheimer <[EMAIL PROTECTED]> wrote:
> > > > At 10:31 PM 1/17/01, J Roysdon wrote:
> > > > >Today I was a site w/o internet access, but I
> > > > needed to get Cisco into it to
> > > > >save time relaying commands and information. I had
> > > > a dial-up connection out
> > > > >to my ISP, and then thought about the built-in
> > > > Telnet server that Windows
> > > > >2000 Professional has. I made a quick guest
> > > > account for Cisco, and told
> > > > >them my dial-up IP, which they could connect to,
> > > > and then once telnetted
> > > > >into my workstation, they were able to telnet out
> > > > my NIC to the routers they
> > > > >needs to get to. Only catch is that you can only
> > > > have one session up
> > > > >through it (enough for us):
> > > >
> > > > Good thing! Can you imagine the issues if you had
> > > > just opened up port 23
> > > > for the whole world? Good grief.
> > > >
> > > > I just asked a security expert at my company about
> > > > this scenario and he
> > > > took a sinister view. He wondered if the story was
> > > > broadcast in order to
> > > > incite damange. I don't think that's the case, but
> > > > this message did come
> > > > from the same guy that posted photographs of his
> > > > site for some reason. See
> > > > the message about patch panels.
> > > >
> > > > Priscilla
> > >
> > >
> > >__________________________________________________
> > >Do You Yahoo!?
> > >Get email at your own domain with Yahoo! Mail.
> > >http://personal.mail.yahoo.com/
> >
> >
> > ________________________
> >
> > Priscilla Oppenheimer
> > http://www.priscilla.com
> >
> > _________________________________
> > FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
>
> _________________________________
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
