Re: APC 9606 SmartSlot Web/SNMP management card "backdoor" - Telnet can't be disabled.
I've noticed this for FTP as well.
The new firmware for the AP9211s seem to fix this issue.
-- Keith
On Thu, 19 Feb 2004, David Monosov wrote:
> To your attention: This comes from limited experience with one version of
> the 9606 firmware (v3.0.3) on MasterSwitch 9xxx series, tested across many
> of the devices:
>
> Although provided an option to disable telnet administratively via the Web
> interface as well as the Telnet interface itself - telnet does *NOT*
> actually gets disabled.
>
> It disables itself for a matter of approx +/- 20 seconds, and comes back as
> if nothing ever happened. Repeating attempts to disable telnet access are
> futile. The only effective method of preventing possible exploitation seems
> to be filtering port 23 on the network level. This seems to be another
> firmware issue.
>
> Please check your APC's using 9606, your sense of security from disabling
> telnet might be false :(
>
> ---
> David 'wEEkAY' Monosov
> david dot monosov at futureinquestion dot net
>
>
>
>
>
>