cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
250
Views
2
Helpful
3
Replies

Cisco C1300 switch is compromised even before deployment

rg.singh2006
Level 1
Level 1

My Cisco c1300 switch is compromised as soon as it was set up for configuration. The hacker has changed the username and/or password and the a welcome message of his is being displayed on the CLI screen. Tried resetting the switch by the factory reset button but it did not help. Please help me, somebody.

2 Accepted Solutions

Accepted Solutions

If something is this severe, you really should open a TAC case with Cisco. 

View solution in original post

@rg.singh2006 

 First, you should never stage a device and connect it to the internet at the same time. Now, if the switch was not connected to the internet and the hacker broke in using some other entry point, the culprit is not the switch.

If you disconnect the switch from the netwok and factory reset it, there is no way the config left for the so called hacker remains. You did not factory reset it.

https://www.youtube.com/watch?v=61pbJ2rgm00

 

 

View solution in original post

3 Replies 3

If something is this severe, you really should open a TAC case with Cisco. 

@rg.singh2006 

 First, you should never stage a device and connect it to the internet at the same time. Now, if the switch was not connected to the internet and the hacker broke in using some other entry point, the culprit is not the switch.

If you disconnect the switch from the netwok and factory reset it, there is no way the config left for the so called hacker remains. You did not factory reset it.

https://www.youtube.com/watch?v=61pbJ2rgm00

 

 

Yes I was not doing the factory reset properly. The reset button had to kept in pressed state for 17/18/19 seconds precisely which I was not doing. A TAC engineer helped me with the solution. Thanks a lot for your response.

Review Cisco Networking for a $25 gift card