访问安全
上网行为管理AC SSL VPN 硬件VPN云安全
信服云盾 信服云眼 重构入云业务安全边界边界安全
下一代防火墙AF WAF终端安全
终端检测响应平台EDR 企业移动管理EMM身份安全
EasyConnct 行为感知系统BA威胁检测
安全感知平台SIP病毒防护
网络防病毒等级保护
等保2.0安全审计与运营
数据库安全审计DAS云服务
私有云 公有云 云杀毒 云监控 混合云 云搬迁微软云
微软云介绍 微软云优势 微软云解决方案 微软云案例阿里云
阿里云介绍 阿里云产品 阿里云解决方案 阿里云案例钉钉
钉钉简介 钉钉定制开发推荐视频
发布者:上海IT外包来源:http://www.lanmon.net点击数:3593
3com,bay交换机、路由器 密码恢复
| 其他交换机、路由器 | |
|
|
|
|
|
|
| 3COM用一种很奇怪的方式来维护他们售出的设备,那就是后门密码,任何的下列密码都是最高权限,可以自由设置设备。 | |
|
|
|
| CoreBuilder 6000/2500 - username: debug password: synnet | |
| CoreBuilder 3500 (Version 1.0) - username: debug password: synnet | |
| CoreBuilder 7000 - username: tech password: tech | |
| SuperStack II Switch 2200 - username: debug password: synnet | |
| SuperStack II Switch 2700 - username: tech password: tech | |
| Bay Networks似乎感觉3com的这种方式很好,于是在他们350(也许还有其他型号)的产品里也加进了后门密码 "NetICs" ,类似情况没有在accelar产品系列里获得报道。 | |
|
|
|
| 除了交换机之外,3com在访问服务器里也加入了默认密码,用户名是"adm",密码为空。 | |
|
|
|
| 在极端的情况下,这可以作为恢复密码的一个手段。 | |
|
|
|
| 叉开一些话题,我在使用Nortel(Bay)的交换机时,不小心发现几乎Bay全部产品都有隐藏模式, 350/450上是按一下 ctrl-H 或者是退格键,可以进入Hidden Menu。 | |
| 在Accelar 1100/1200 上,输入 sh h ,你会看到一些隐藏命令的列表,其中有个 | |
| privilige命令,必须有rwa的用户登录以后执行,执行以后,可以进入一个特权模式, | |
| 提示符也变为 * ,然后可以输入"shell",进入一个特别的环境,看help,是些调试功能, | |
| 呵呵,很有趣,希望有人能够继续挖掘下去。http://go1.163.com/~watchsea/otherswi.htm |
| 3Com Security Advisory for CoreBuilder and SuperStack II customers | |
| 3Com is issuing a security advisory affecting select CoreBuilder LAN switches and SuperStack II Switch products. This is in response to the widespread distribution of special logins intended for service and recovery procedures issued only by 3Com''s Customer Service Organization under conditions of extreme emergency, such as in the event of a customer losing passwords. | |
|
|
|
| Due to this disclosure some 3Com switching products may be vulnerable to security breaches caused by unauthorized access via special logins. | |
|
|
|
| To address these issues, customers should immediately log in to their switches via the following usernames and passwords. They should then proceed to change the password via the appropriate Password parameter to prevent unauthorized access. | |
|
|
|
|
|
|
| CoreBuilder 6000/2500 - username: debug password: synnet | |
| CoreBuilder 3500 (Version 1.0) - username: debug password: synnet | |
| CoreBuilder 7000 - username: tech password: tech | |
| SuperStack II Switch 2200 - username: debug password: synnet | |
| SuperStack II Switch 2700 - username: tech password: tech | |
| The CoreBuilder 3500 (Version 1.1), SuperStack II Switch 3900 and 9300 also have these mechanisms, but the special login password is changed to match the admin level password when the admin level password is changed. | |
|
|
|
| Customers should also immediately change the SNMP Community string from the default to a proprietary and confidential identifier known only to authorized network management staff. This is due to the fact that the admin password is available through a specific proprietary MIB variable when accessed through the read/write SNMP community string. | |
|
|
|
| This issue applies only to the CoreBuilder 2500/6000/3500 and SuperStack II Switch 2200/3900/9300. | |
|
|
|
| Fixed versions of software for CoreBuilder 2500/6000/3500 and SuperStack II Switch 2200/3900/9300 are available below. | |
|
|
|
| General administration of these systems should still be performed through the normal documented usernames and passwords. Other facilities found under these special logins are for diagnostic purposes and should only be used under specific guidance from 3Com''s Customer Service Organization. | |
说明:
以上典型配置有很多已经是厂商停产产品,但是,不少设备往往还有运行,关于该设备的配置或者方案优化,你可以联系蓝盟,我们的资深工程师会给你意外的惊喜!上海蓝盟网络技术有限公司于2002年成立,业务涵盖IT外包、电脑维护、网络维护、网管外包、驻场服务、人员派驻、应急支持、系统集成、网络搬迁、网络升级、数据备份、综合布线、电脑维修、计算机维护、计算机维修,网络改造、网络整理、网络调试、局域网组建、 应急上门、数据恢复、网络咨询、服务管理、运维咨询、ITIL培训、ITSS咨询等,拥有近200名工程师,正在为近500家客户提供“一站式” 的IT外包服务。网址:www.lanmon.com www.lanmon.net 官方微博:http://weibo.com/lanmon2012 咨询电话:4008200159 蓝色学苑:www.bluestudy.net
分享到:
中文
电话咨询
微信咨询
公众号
