This three-part article will focus on identifying and exploiting vulnerabilities and poor configurations in Cisco routers. We will then discuss the analysis of the router configuration file and will attempt to leverage this access into other systems. Additionally, we will cover the possibilities of what one may do once access to the device has been achieved. We chose to focus this article on Cisco routers due to their overwhelming market share.

Pen testers may often go after the more glamorous or fun systems to hack, such as the vulnerable Solaris 8 system, or the Microsoft 2000 server vulnerable to the slew of recent RPC DCOM holes, leaving the core network infrastructure devices alone. I would caution the pen tester to think twice about overlooking these critical systems, for these are the proverbial keys to the kingdom. "So what that the telnet service is accessible to everyone on the Internet", or "I need SNMP open in order to manage my devices", the client may say. These two services alone (though not necessarily vulnerable because of bugs in the code) will usually give a pen tester (or attacker) more than enough opportunities to compromise the device.

As important as these network devices are to the overall security, reliability, and availability of the network, it is imperative that the pen tester take a good, hard look at them before blessing them as secure.

The link for this article located at SecurityFocus is no longer available.