Sherwyn,
You must have gotten through the wireless networks that you were
checking 3 weeks back since you move into network devices ;)
For these new devices have you tried the following:
Telnet to both devices on port 23. Do they only have a password
prompt? If so, you can try to brute force the login. If they have a
username and password prompt forget the brute force unless you know the
username for the device, which is not standard name.
Have you tried to connect to the web management interfaces (could be
disabled) for these devices?
If SNMP is enabled for management have you tried basic names like
public, private and clientname to see if you can connect to the
devices? You could try to brute the SNMP R/W string, but if the
devices have an ACL for those connections try something else.
Depending on your access-level to the network have you tried to sniff
the clear text password for the device when it is being managed?
If the device is running an old version of IOS you may be able to find a
published vulnerability for that version. Use nmap to guess the IOS.
Do you have physical access to these device? If so, have you tried to
attached a console cable to see if a password has been set for local
management?
You could also leap-frog from a compromised trusted system in the main
network to these device. If this is part on an approved vulnerability
test than I would normally attack the management station(s) used by the
network admins, which may have vulnerabilities.
Intel96
sherwyn williams wrote:
Hello all,
I know there like tons of tools out there to pent test Cisco equipment, but
what might be the best ones for the 4700, and 6509 series. This is from a
local intranet prospectus.
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to
rise,
you need to proactively protect your applications from hackers. Cenzic has
the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------
