06-05-2003 11:51 AM - edited 03-02-2019 07:55 AM
This router has a very restrictive access list for vty 0 4. All the machines that could possibly access it have been checked for hackage. I still have enable access to the switch. I still have snmp access and no config changes have apparently been made to the MSFC. It seems real unlikely that it has been broken into. The last config written to tftp shows the same secret as in 2 old configs.
I'm interested in any and all suggestions as to how to proceed from here... any known exploits any explanations or any ideas or any tricks to try would be greatly appreciated.
Thanks
Ron
Cisco Internetwork Operating System Software
IOS (tm) MSFC Software (C6MSFC-IS-M), Version 12.1(2)E, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2000 by cisco Systems, Inc.
Compiled Mon 19-Jun-00 20:46 by linda
Image text-base: 0x60008900, data-base: 0x60D74000
ROM: System Bootstrap, Version 12.0(3)XE, RELEASE SOFTWARE
BOOTFLASH: MSFC Software (C6MSFC-BOOT-M), Version 12.1(2)E, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
MSFC-1 uptime is 32 weeks, 3 days, 57 minutes
System returned to ROM by power-on at 20:40:29 UTC Fri Nov 24 2000
System restarted at 13:33:58 EDT Mon Oct 21 2002
Running default software
cisco Cat6k-MSFC (R5000) processor with 114688K/16384K bytes of memory.
Processor board ID SAD04180EZU
R5000 CPU at 200Mhz, Implementation 35, Rev 2.1, 512KB L2 Cache
Last reset from power-on
Bridging software.
X.25 software, Version 3.0.0.
18 Virtual Ethernet/IEEE 802.3 interface(s)
123K bytes of non-volatile configuration memory.
4096K bytes of packet SRAM memory.
16384K bytes of Flash internal SIMM (Sector size 256K).
Configuration register is 0x2102
06-05-2003 12:28 PM
try the password you think it should be with a space at the end, then try 2 spaces, etc.
Things that can happen
1. people who use the ? every time they work through a command can end up with space/s at the end of their password and they become part of the password.
2. copy/pasting config in can add space/s to the end of a password
3. entering the coomand incorrectly like enable password secret cisco (where it should have been enable secret cisco) creates a password with embedded space of "secret cisco".
It can be multiple spaces so if one doesn't work try more progressively. You might be able to see the spaces on the saved config if it is not encrypted.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide