Re: [Full-Disclosure] RE: Full-Disclosure digest, Vol 1 #1314 - 27 msgs
Date: Mon Dec 08 2003 - 13:02:31 CST
Actually, no. The copy command is privileged, and requires enable access.
G
On or about 2003.12.08 13:01:55 +0000, Valdis.Kletnieks@vt.edu (Valdis.Kletnieks@vt.edu) said:
> On Mon, 08 Dec 2003 08:18:03 PST, Daniel Sichel <daniels@ponderosatel.com> said:
> > I've got a little problem with a cisco router.
> > > It has obviously been compromised. How do i know, well the password
> > > has changed. So I want to retrieve the ACL from the RAM (not NVRAM)
> > > to see what else maybe got compromised.
> > > Does anyone know how this could be done?
> >
> > This is probably way too late to be helpful, but set up a tftp server on
> > a workstation, telnet to the router, and "copy run tftp".
>
> Gaak. It will let you do that without a password???
>
-- Gregory A. Gilliss, CISSP E-mail: greg@gilliss.com Computer Security WWW: http://www.gilliss.com/greg/ PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 8C A3 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.htmlReceived on Mon Dec 08 13:42:38 2003
This archive was generated by hypermail 2.1.8 : Mon Dec 08 2003 - 14:01:00 CST
