<<< Date Index >>>     <<< Thread Index >>>

Re: APC 9606 SmartSlot Web/SNMP management card "backdoor" - Telnet can't be disabled.



I've noticed this for FTP as well.

The new firmware for the AP9211s seem to fix this issue.

-- Keith

On Thu, 19 Feb 2004, David Monosov wrote:

> To your attention: This comes from limited experience with one version of
> the 9606 firmware (v3.0.3) on MasterSwitch 9xxx series, tested across many
> of the devices:
> 
> Although provided an option to disable telnet administratively via the Web
> interface as well as the Telnet interface itself - telnet does *NOT*
> actually gets disabled. 
> 
> It disables itself for a matter of approx +/- 20 seconds, and comes back as
> if nothing ever happened. Repeating attempts to disable telnet access are
> futile. The only effective method of preventing possible exploitation seems
> to be filtering port 23 on the network level. This seems to be another
> firmware issue.
> 
> Please check your APC's using 9606, your sense of security from disabling
> telnet might be false :(
> 
> ---
> David 'wEEkAY' Monosov
> david dot monosov at futureinquestion dot net
> 
> 
> 
> 
> 
>