[c-nsp] disable break on boot for IOS??
neal rauhauser
nrauhauser at gmail.com
Mon Jul 13 17:10:44 EDT 2009
I have a situation with a former employee who still has legitimate
physical access to a shared space where we have some Cisco equipment. Today
one of our field guys located a UBR924 attached to our cable modem plant
with the cutest little rogue Linux machine attached to its ethernet port.
I had them recover the router's password as the first step and now I'm
puzzling over this:
http://www.cisco.com/en/US/products/hw/routers/ps133/products_tech_note09186a008022493f.shtml
I recall that a machine can be set such that the break during boot will
not permit password recovery, but it isn't clear to me how I do it. I'd
really like to get this machine secured so I can dig in to what he is doing.
I'd already isolated this cable plant because I knew intrusion was possible
but I want to see what other mischief he uses our facilities for - a little
spice for the already meaty intrusion case against him this spring.
--
mailto:Neal at layer3arts.com //
GoogleTalk: nrauhauser at gmail.com
IM: nealrauhauser
More information about the cisco-nsp
mailing list