Cisco reveals its "backdoor" wink wink nudge nudge

Interesting article:
http://www.cisco.com/warp/public/707/cisco-sa-20040407-username.shtml

Any of you system admins out there with Cisco hardware should give this a serious read.

TKS

Posting Pro in Training

470 posts since Jan 2004

Reputation Points: 108

Solved Threads: 18

8 Years Ago

0

Wow.

How dumb is this? You'd think that in this day and age with all of these security fears we've got going around, Cisco of all places, which offers a FREAKING INTERNET SECURITY CERTIFICATION would have thought better than to hard-code a username/password pair into their firmware.

Ah well... at least they released a patch... :rolleyes:

alc6379

Cookie... That's it

Team Colleague

2,820 posts since Dec 2003

Reputation Points: 186

Solved Threads: 147

8 Years Ago

0

APC has done the same thing too. It is really disturbing that these big companies would include such backdoors. All it takes is one disgruntled employee to cause a lot of havoc. Sure, the developers of the systems would know of bugs, and other exploits as they did create the product, but setting up a straight-forward backdoor is a bit much.

i686-linux

Posting Whiz in Training

210 posts since Mar 2004

Reputation Points: 87

Solved Threads: 12

8 Years Ago

0

Agreed. One disgruntled employee (bad apple) can spoil the lot. Why would they include it in their hardware? Sounds like leaving the key underneath the doormat if you know what I mean...and then putting up a sign with an arrow that points under the mat and says "key" (pink neon, blink blink, blinkety blink)

TKS

Posting Pro in Training

470 posts since Jan 2004

Reputation Points: 108

Solved Threads: 18

Cisco reveals its "backdoor" *wink wink nudge nudge*

This article has been dead for over three months

Cisco reveals its "backdoor" wink wink nudge nudge