-
July 15th, 2006, 01:59 PM
#1
Junior Member
Router Vulnerabilities
In my organisation we have a number of routers. These are configured via telnet (which i know sends in clear text) and are not updated with security patches after vulnerabilties are released. Although these are secured with passwords, no logging is set up on these to monitor access. some of these accept dialup connections and other are used to router traffic between sites.
Can anyone tell me what attacks are these routers vulnerable to? i'm guessing DOS attacks through people sniffing the clear test password and then screwing the config up, but could these also be vulnerable to someone diverting certain traffic elsewhere and operating at man-in-the-middle attack? or are there other types of attack that i should be more worried about?
Thanks
Thatch
-
July 15th, 2006, 02:23 PM
#2
What brand and model of router are we talking about, and what software/firmware version are they running? We can speculate all day long, but with specifics, we can give you a more thorough analysis that will be a targeted more to what you would actually be potentially vulnerable to.
For example a Netopia R2020 router running firmare v4.11.3 will have different vulnerabilities than a Cisco 1720 running IOS v11.0.2, etc.
CC
Windows 9x: n. A collection of 32 bit extensions and a graphical shell for a 16 bit patch to an 8 bit operating system originally coded for a 4 bit microprocessor. Written by a 2 bit company that can\'t stand 1 bit of competition.
-
July 15th, 2006, 02:35 PM
#3
Junior Member
mostly cisco, but many different models.
all i really need to know at this stage is the types of attack that are possible rather than specifics. i have a meeting soon which i would like to use the information i'm gathering to make my bosses aware that vulnerabilities exist even though we are beind a firewall. hopefully this will support my argument for proper training, policies and a user awareness programme.
-
July 15th, 2006, 03:40 PM
#4
why dont you just do a google search and do some reading
http://www.google.ca/search?hl=en&sa...lities&spell=1
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
-
July 15th, 2006, 04:08 PM
#5
Off the bat, you're vulnerable to sniffing attacks on the router's credentials. Isn't that bad enough? Cisco recommends that you use SSH instead of telnet. There are tons of documents that can help you set this up.
Personally, I use a management rail for infrastructure management.
--TH13
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
July 15th, 2006, 06:16 PM
#6
Originally posted here by thehorse13
Off the bat, you're vulnerable to sniffing attacks on the router's credentials. Isn't that bad enough? Cisco recommends that you use SSH instead of telnet. There are tons of documents that can help you set this up.
--TH13
Yes. That is the first thing that came to my mind.
Also, do you have ACLs that only allow access from certain machines/subnets?
Cisco has quite a few vulnerabilities that allow compromise of the configs and DoS attacks depending on your featuresets.
Security Forrest and Metasploit both have quite a few point and click or ready to run exploits in their databases.
http://www.securityforest.com/wiki/index.php/Main_Page
http://www.metasploit.com/
Backtrack has a bunch of footprinting/enumeration/exploits already included in their live cd for various routers.
http://www.remote-exploit.org/index.php/BackTrack
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
July 15th, 2006, 08:30 PM
#7
Junior Member
Thanks for pointing me in the right direction guys, now i have a better idea what i'm looking for, i can go away and do some reading.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|