Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Security hole in CAT OS ?

I have several CATOS devices in my network and running CAT OS 8.5.2 and I have TACACS and ssh enabled. I have just found out that I'm able to login to any CATOS device using a username/password ingres/ingres. Has anyone seen this behavior, any solution to stop this?

Thanks.

5 REPLIES
Bronze

Re: Security hole in CAT OS ?

Security hole in CAT OS can be avoid by reconfigure your network and disable ssh. Also, if end systems are allowed to register arbitrary addresses via ILMI, including addresses that do not match the ILMI prefixes used on the interface, a security hole may be opened.

New Member

Re: Security hole in CAT OS ?

Thank you for your reply but our management doesn't want to disable ssh and what you mentioned about ILMI, we are not even using that. We have differnet flavor of switches purely used for LAN switching.

Re: Security hole in CAT OS ?

Hi,

How is your tacacs server configured - does it do a lookup on AD or other external database? Does this username/password combination exist there?

HTH

Andrew.

New Member

Re: Security hole in CAT OS ?

It uses username/password configured inside the ACS. I do however have some users which authenticate to NT domain but user ingres/ingres is not configured anywhere either internal or external database.

Re: Security hole in CAT OS ?

Hi,

Either it's locally configured (which you can see just by looking in the config) or it'll be configured externally *somewhere* (which you should be able to verify by looking in the ACS logs).

HTH

Andrew.

113
Views
1
Helpful
5
Replies