| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20031205143519.GA5164@SDF.LONESTAR.ORG> From: petard at freeshell.org (petard) Subject: cisco acl On Fri, Dec 05, 2003 at 01:45:31PM +0100, isa vaul wrote: > Hello full-disclosure, > > I've got a little problem with a cisco router. > It has obviously been compromised. How do i know, well the password > has changed. So I want to retrieve the ACL from the RAM (not NVRAM) > to see what else maybe got compromised. > Does anyone know how this could be done? > > thanks for any suggestions in advance... You'll probably get better answers if you: 1. google for "cisco router forensics" 2. ask this question to a cisco list 3. ask this question to cisco tech support. they're quite good. Assuming you've determined the changed password and the enable password, the command: # show running-config will display the current configuration from RAM, including any ACLs IIRC. HTH, petard -- If your message really might be confidential, download my PGP key here: http://petard.freeshell.org/petard.asc and encrypt it. Otherwise, save bandwidth and lose the disclaimer.
Powered by blists - more mailing lists