2
I can see my user name and password of my router on my laptop with a second machine connected to my Cisco router, when I use Wireshark on the second machine.
How do I protect myself from such attacks?
user1560596
Posted 2012-11-06T21:08:38.667
Reputation: 23
8
Sounds like you're using telnet when you should be using ssh. I'm not sure if ssh is supported by router. It may not be if it is running an old IOS version.
You could also try logging into the serial console directly and disabling telnet access entirely by commenting out any vty lines in your running configuration.
wellwisher_random
Posted 2012-11-06T21:08:38.667
Reputation: 96
1
+1 for suggesting ssh, but to force it on vty(s) transport input ssh should be used. Link to ssh configuration from Cisco: http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml
is this a consumer, or commercial Cisco router? You try putting https ://192.168.0.1 instead of HTTP in your web browser? Otherwise if it is a commercial Cisco router, then you should be using SSH2 instead of telnet. Console into your router first because SSH2 takes additional setup. http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml
– j_bombay – 2012-11-06T22:04:51.8802Wireshark in this case can be replaced with any net sniffer software. – Hennes – 2012-11-06T23:40:04.187
The router is a non-commerical router .It is used for home purpose. – user1560596 – 2012-11-07T06:42:10.257