First page Back Continue Last page Graphics
Configuration Disclosure: Infrastructure
Tools:
- Ethereal / Wireshark
- http://www.wireshark.org/
- Deductive Reasoning
- Cisco phones have MAC based filenames:
- CTLSEP<eth.addr>.tlv
- SEP<eth.addr>.cnf.xml
- SIP<eth.addr>.cnf
- MGC<eth.addr>.cnf
- Then there’s defaults:
- XMLDefault.cnf.xml
- SIPDefault.cnf
- dialplan.xml
- TFTP-Bruteforce - Brute forces TFTP filenames
- http://www.hackingexposedcisco.com/tools/TFTP-bruteforce.tar.gz
Mitigation:
- Don ‘t use TFTP! FTP is better, but still not secure...
- Use non-default filenames