[lug] Cisco 675 security

[Walter Pienciak]

FWIW, I keep my 675 in bridging mode, and it's unreachable
except for that serial cable.  Doesn't have an IP address.
I do all my filtering and NAT, etc., on another piece of
hardware on the LAN side of the 675.

Walter

On Mon, 14 May 2001, B O'Fallon wrote:

> Hello,
>
> This might be of interest to owners of Cisco 675 ASDL modems.
>
> I am using a Cisco 675 modem for my ASDL connection. The other day, I
> ran Steve Gibson's port scanner (www.grc.com) against my ISP address
> and found the telnet and http ports to be open.
>
> When I called Qwest to see why, I was told that these modems were set
> up with these ports disabled, until the user connected to the CBOS, at
> which time they were enabled. I disabled them by telnetting in and
> then issuing, as root, the commands "set telnet disable" and "set web
> disable". Of course, this means that in the future that the ONLY way I
> can connect to configure the modem is by use of the serial cable.
>
> Now I went back Gibson's site and ran the port scanner again. It still
> showed the ports as open. However, when I try to connect I immediately
> get disconnected. This occurs both under NT and Linux.
>
> Running nmap against my IP address revealed:
>
>     -- if nmap -sT -sU is used, all ports are closed. This took 31
> seconds.
>
>     -- if nmap -P0 is used, the telnet and http port are open. This
> took 671 seconds.
>
> Apparently leaving these ports open, according to Qwest, is a design
> "feature" on the part of Cisco and there has never been any
> explanation for it. While it would appear that although the ports may
> be open, connections to them are refused, so I am making the
> assumption that my 675 is secure.
>
> Comments, anyone?
>
> --
> B. O'Fallon
> bof at americanisp.net
>
> I wrote it down so that I wouldn't have to remember.
>
>
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>