Bugtraq mailing list archives
Re: Cisco 675 Denial of Service Attack
From: Erik Parker <eparker () MINDSEC COM>
Date: Fri, 1 Dec 2000 12:36:41 -0800
Or the ability to change it.. You can't change the Cisco 675 out of Bridge mode into Route mode without the cooperation of Qwest/Whoever. They have to make changes on their router as well. I went through this for a week with Flashcom, to get out of briding mode. Most never get their password for their Cisco either, however you can dump the memory in the CBOS on boot, and read the "encrypted" password, which is an off-by-2 sequence.. Where c is a, and e is c, and so on.
QWest DSL (of which I am a customer/user) uses the 675 in bridging mode (in fact that is how it was delivered). AFIK it can be affected by traffic about as much as a dumb hub can. However, you can make it active, give it an IP address etc if you want to use it's NAT or WebAdmin capabilities. Then you are vulnerable... 99% of those QWest customers who use the 675 probably wouldn't have a clue or a reason to change this. -Chuck
Erik Parker Mind Security An armed society, is a polite society.
Current thread:
- Re: Cisco 675 Denial of Service Attack Nate Haugo (Dec 01)
- <Possible follow-ups>
- Re: Cisco 675 Denial of Service Attack Nicholas Ianelli (Dec 01)
- Re: Cisco 675 Denial of Service Attack Lisa Napier (Dec 02)
- Re: Cisco 675 Denial of Service Attack poke (Dec 02)
- Re: Cisco 675 Denial of Service Attack Erik Parker (Dec 02)
- Re: Cisco 675 Denial of Service Attack Kee Hinckley (Dec 05)
- Re: Cisco 675 Denial of Service Attack CDI (Dec 02)
- Re: Cisco 675 Denial of Service Attack Erik Parker (Dec 02)
- Re: Cisco 675 Denial of Service Attack poke (Dec 02)
- Re: Cisco 675 Denial of Service Attack Shane Youhouse (Dec 02)
- Re: Cisco 675 Denial of Service Attack CDI (Dec 05)
- Re: Cisco 675 Denial of Service Attack J Edgar Hoover (Dec 05)
- Message not available
- Re: Cisco 675 Denial of Service Attack Damir Rajnovic (Dec 06)
- Re: Cisco 675 Denial of Service Attack J Edgar Hoover (Dec 07)
- Message not available
- Re: Cisco 675 Denial of Service Attack Damir Rajnovic (Dec 07)