IIS? No ****?!? Are you sure?? Never saw one before and I've seen alot of switches.Originally posted here by nebulus200
Bah! Don't do that! CLI and 'no ip http server', all the way... you know some of those switches are using IIS on the backend, right?
But I do suggest checking if your IOS isn't vulnerable.
Check if you can see the config (without authentication) with the following URL:
http://myswitch/level/16/exec/show/config
If you get to see the config I suggest turning the http interface off as soon as possible. Anyone can change your config if this works.
Also see if you can run the Cisco Global Exploiter to make sure it's not vulnerable to some more tricks.