12-05-2024 02:22 AM - last edited on 12-05-2024 03:03 AM by shaiksh
My Cisco c1300 switch is compromised as soon as it was set up for configuration. The hacker has changed the username and/or password and the a welcome message of his is being displayed on the CLI screen. Tried resetting the switch by the factory reset button but it did not help. Please help me, somebody.
Solved! Go to Solution.
12-05-2024 03:34 AM
If something is this severe, you really should open a TAC case with Cisco.
12-05-2024 04:09 AM - edited 12-05-2024 02:16 PM
First, you should never stage a device and connect it to the internet at the same time. Now, if the switch was not connected to the internet and the hacker broke in using some other entry point, the culprit is not the switch.
If you disconnect the switch from the netwok and factory reset it, there is no way the config left for the so called hacker remains. You did not factory reset it.
https://www.youtube.com/watch?v=61pbJ2rgm00
12-05-2024 03:34 AM
If something is this severe, you really should open a TAC case with Cisco.
12-05-2024 04:09 AM - edited 12-05-2024 02:16 PM
First, you should never stage a device and connect it to the internet at the same time. Now, if the switch was not connected to the internet and the hacker broke in using some other entry point, the culprit is not the switch.
If you disconnect the switch from the netwok and factory reset it, there is no way the config left for the so called hacker remains. You did not factory reset it.
https://www.youtube.com/watch?v=61pbJ2rgm00
12-05-2024 08:27 PM
Yes I was not doing the factory reset properly. The reset button had to kept in pressed state for 17/18/19 seconds precisely which I was not doing. A TAC engineer helped me with the solution. Thanks a lot for your response.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide