Hi all,
When I first wrote this script, it did help me to find out all those Nortel
default passwords on my switches. Submiting it to the nessus community seemed like a
good idea and there it is.
I now realize it really doesn't get over the 'telnet failure policies'
implemented on newer software versions, so until I figure out a way to do this, I
think it would be better to remove the pluggin from the distribution.
Is there any there any work in progress regarding a generic default password
plugin?
Regarding Owen's problem, I figure the DYNIX probably clears the input buffer
before prompting for the password, which causes the false positive on my poorly
written script. This is easy to fix, but I'd rather submit a fully functional version.
regards,
-----Original Message-----
From: Crow, Owen [mailto:Owen_Crow@;bmc.com]
Sent: segunda-feira, 28 de Outubro de 2002 23:13
To: [EMAIL PROTECTED]
Cc: Rui Bernardino
Subject: False positives from nortel_passport_default_pass.nasl
I hope I don't get in too much trouble if I submit the symptoms rather than
a diff fixing the problem. Nessus 1.2.6 on RedHat 7.2, script "$Revision:
1.3 $".
When running a safe check against a DYNIX/ptx 4.4.2 system, the
nortel_passport_default_pass.nasl script returns 11 false positives for each
of the user/pass combinations where the user and pass are the same.
The logic in the script makes sense to me, but doesn't work in practice.
The script should see another "Login" prompt meaning the login attempt
failed, but it doesn't seem to. Here is a log of a manual telnet session
where I tried one of the default users and passwords:
DYNIX/ptx(R) V4.4.2
Login: rw
Password:
Login incorrect
Login: rw
Password:
Login incorrect
Login:
So I'm not sure where the problem is, maybe more experienced heads will see
the problem. I've also attached a sample "tcpdump -nlvvvX" for a single
attempt.
Regards,
Owen Crow
Systems Programmer (Unix)
BMC Software, Inc.
(speaking for myself only)
<<maxwell.log>>
-
[EMAIL PROTECTED]: general discussions about Nessus.
* To unsubscribe, send a mail to [EMAIL PROTECTED] with
"unsubscribe nessus" in the body.
