In other news I have heard of routers getting hijacked due to poor ACL’s and SNMP traffic being sent over public networks in plain-text. It is important to keep your router locked down and protected. If your router got accessed and changed by an unauthorized person the first thing they might do is to lock you out. I have heard of reports where this is happened to a large multi-site company and they where blackmailed for money to get access back to there routers.<\/p><\/blockquote>\n
Vielleicht ist das aber auch eine Form des Outsourcing. Der Angreifer \u00fcbernimmt den Router, sichert ihn ab, damit der Besitzer (und auch ein anderer Angreifer) nicht mehr herankommt, und der Besitzer zahlt daf\u00fcr ein paar Euro oder Dollar (Dollar? Nimmt ein Angreifer vermutlich nicht mehr \ud83d\ude09 ). Das ist eventuell billiger, als die eigene IT-Abteilung zu beauftragen.<\/p>\n","protected":false},"excerpt":{"rendered":"
Ok, “cisco” als Passwort benutzt niemand mehr ausserhalb eines Lab-Aufbaus. Dass das keine gute Idee ist, hat sich inzwischen herumgesprochen. Aber h\u00e4tte man beim Ab\u00e4ndern dieses Passwortes nicht auch gleich die SNMP-Community-Strings “public” und “private” \u00e4ndern k\u00f6nnen? Und wenn man dabei ist, vielleicht auch die Access-Classes anpassen bzw. eine richtige Absicherung der Management-Plane konfigurieren? Von <\/p>\n
continue reading<\/a><\/div>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"twitterCardType":"","cardImageID":0,"cardImage":"","cardTitle":"","cardDesc":"","cardImageAlt":"","cardPlayer":"","cardPlayerWidth":0,"cardPlayerHeight":0,"cardPlayerStream":"","cardPlayerCodec":"","footnotes":""},"categories":[15],"tags":[99,137,558],"class_list":["post-314","post","type-post","status-publish","format-standard","hentry","category-security","tag-brian-wilson","tag-cisco","tag-slimjim100"],"_links":{"self":[{"href":"https:\/\/cyber-fi.net\/index.php\/wp-json\/wp\/v2\/posts\/314","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cyber-fi.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyber-fi.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyber-fi.net\/index.php\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/cyber-fi.net\/index.php\/wp-json\/wp\/v2\/comments?post=314"}],"version-history":[{"count":0,"href":"https:\/\/cyber-fi.net\/index.php\/wp-json\/wp\/v2\/posts\/314\/revisions"}],"wp:attachment":[{"href":"https:\/\/cyber-fi.net\/index.php\/wp-json\/wp\/v2\/media?parent=314"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyber-fi.net\/index.php\/wp-json\/wp\/v2\/categories?post=314"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyber-fi.net\/index.php\/wp-json\/wp\/v2\/tags?post=314"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}