This is an old vulnerability. The docs note that a password should be set, or the user deleted. I found this snippet in a log of our original config from '99: add user "!root" password "password" type login,manage delete user adm In other words, adding the old "!root" user from the old netserver days and nuking the adm user. If there were still searchable archives for this list, it would pop up, but usr-tc.datasys.net just mocks us, as the owner has apparently moved to another RAS :) Charles | Charles Sprickman | Internet Channel | INCH System Administration Team | (212)243-5200 | spork@inch.com | access@inch.com On Tue, 24 Jul 2001, Brian Becker wrote:
The newest edition to our IT Department (he's been in Tech Support for 3 years) emailed me this afternoon (full email below). I didn't believe him at first so I telneted to on of our TC boxes and when prompted with "Login:" I typed adm and pressed Enter. HOLY COW! It said "Hiper:" and I had full access.
I'm curious as to how many people on this list were vulnerable like us (we have 20 TC boxes throughout Southeast Missouri).
Brian
Brian Becker President, Poplar Bluff Internet, Inc. P.O. Box 190 | Poplar Bluff, MO 63902 | 573.686.9114
Home of http://semo.net - Southeast Missouri's Online Community http://TotallyFabricated.com Total Scrutinizer - Tech Support Just Got Easier WebGabber - All-html Web Chat Software
-----Original Message----- From: Adam Barnhill Sent: Tuesday, July 24, 2001 6:41 PM To: ---interoffice DataComm List--- Subject: [datacomm] Secret access to TCs
It has come to my attention that our TCs were vulnerable to anyone's attack.
User : adm Would allow access to manage and login to our TCs. The fix was easy. Just 'del user adm' and then 'save all' (thanx Brian)
I was actually searching for TC command references, and happened upon ;) a hack list of default and backdoor passwords. The link I originally found a hack article on is http://the.wiretapped.net/security/info/textfiles/k1ine_11.txt and the password list is in that tree somewhere.. Lots of backdoors for other RAS, switches, hubs and other..
Adam Barnhill Systems Technician / IT Dept. Semo.net / Poplar Bluff Internet, Inc. 1(877)686-9114 http://semo.net/
_______________________________________________ datacomm mailing list datacomm@lists.semo.net http://lists.semo.net/mailman/listinfo/datacomm
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.