nanog mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Warning: Cisco RW community backdoor.

From: "Alexander Kiwerski" <akiwerski () winstar com>
Date: Tue, 27 Feb 2001 11:29:38 -0800

I stand corrected, partially, since routers below 36xx support ATM.

-Alex K.

-----Original Message-----
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu]On Behalf Of
Alexander Kiwerski
Sent: Tuesday, February 27, 2001 10:50 AM
To: nanog () merit edu
Subject: RE: Warning: Cisco RW community backdoor.



I would suspect that only routers capable of supporting ATM interfaces, ie
3640 and up, will respond, as ILMI is used for ATM.

-Alexander Kiwerski

-----Original Message-----
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu]On Behalf Of
Eric Germann
Sent: Monday, February 26, 2001 8:30 PM
To: Jared Mauch
Cc: nanog () merit edu
Subject: Re: Warning: Cisco RW community backdoor.



Cursory testing shows 16xx, 17xx, 26xx and 25xx don't seem to respond to it
running various revs from 11.x to 12.1.

3640 running 12.0.1T coughs up the info.

3662 running 12.1(3a)T acts really goofy.  Had to reboot the router to fix
it (test point).  CPU at 100%.


At 09:48 PM 2/26/01 -0500, Jared Mauch wrote:


       I was told by Cisco it should be RW.  (To override the builtin
one).

       I never ran a test w/ RO so was speaking from that
data.

       If you get some message about the "community/party" exists
or something like that, put this in:

no snmp-server view *ilmi

       It doesn't get saved in the config, so if you machine generate
your nvram:startup-config, you're ok, if you do not, you will
need to re-add it each time you reboot.

       - Jared

On Mon, Feb 26, 2001 at 06:43:40PM -0800, John Payne wrote:

On Mon, Feb 26, 2001 at 09:06:51PM -0500, Jared Mauch wrote:


    1) Workaround provided by James is incorrect.  You need RW not
RO.


No, you only need to specify RO... at least according to the tests I've
just run.  As I understand it you're overriding a built in community.


--
John Payne      http://www.sackheads.org/jpayne/    john () sackheads org
http://www.sackheads.org/uce/                    Fax: +44 870 0547954
        To send me mail, use the address in the From: header


--
Jared Mauch  | pgp key available via finger from jared () puck nether net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.



==========================================================================
  Eric Germann                                        Inacom Info Systems
  egermann () inacomlima com                             Lima, OH 45801
                                                      Ph:  419 331 9050
  ICQ:  41927048                                      Fax: 603 825 5893

"It is so easy to miss pretty trivial solutions to problems deemed
complicated.  The goal of a scientist is to find an interesting problem,
and live off it for a while.  The goal of an engineer is to evade
interesting problems :)"  -- Vadim Antonov <avg () kotovnik com> on NANOG
Previous By Date Next
Previous By Thread Next

Current thread: