For those who are using PIX Firewall Manager to configure and manage your firewall, you are at risk of your firewall password being obtained by an intruder or an insider. Why? Because after the PFM software makes an initial connection to the PIX Firewall, the administrative password is stored in plaintext on the local management workstation. I am not too where is it stored, but it might be in the registry or search for the PFM installation directory for log or text files. It might be inside. So, to avoid that, cisco recommends using PIX Device Manager(PDM) instead. Well, for me, i never use PDM or PFM to configure the firewall, the IOS itself is good enough for me. Also, always practice logging your PC after finished using. The default username and password for the PFM is as shown below:
Administrator username: pixadmin
Administrator password: cisco
Normal user username: pixuser
Normal user password: cisco
Change your default user accounts to avoid compromisation.
Friday, April 13, 2007
Subscribe to:
Post Comments (Atom)
4 comments:
Nice One!! U're a CiScO MaStEr! ;)
Nope. I am not an expert.
hackathology
Dont under-estimate your capabilities :)
I am not. But i still feel i am good enough yet.
hackathology
Post a Comment