skallioLE
10-23-2007, 07:56 AM
If a router is configured with the following for its vty lines, what is the net effect?
line vty 0 3
 access-class 23 in
 exec-timeout 20 0
 password 7 xxxxxxxxxxxxx
 login
 transport input telnet
line vty 4
 exec-timeout 20 0
 password 7 yyyyyyyyyyyy
 login
 transport input telnet
!
I know that lines 0 3 will require the access-class to be matched to be accessed, but line 4 does not. How would one connect to line 4 if they wanted to bypass the access-list requirement on lines 0 3? I'm thinking you would need to connect to lines 0 3 and then open another connection and you would get to line 4? Just curious how this backdoor would work.
Thanks.
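An audit check for the condition described in the post, added here as an example and not part of the original post: it parses the `line vty` blocks of a configuration and reports which vty numbers have no inbound `access-class`. The function names and the embedded sample (the post's config, placeholders kept) are assumptions made for illustration.

```python
import re

# Constructed sample: the vty section quoted in the post, password placeholders kept.
SAMPLE_CONFIG = """\
line vty 0 3
 access-class 23 in
 exec-timeout 20 0
 password 7 xxxxxxxxxxxxx
 login
 transport input telnet
line vty 4
 exec-timeout 20 0
 password 7 yyyyyyyyyyyy
 login
 transport input telnet
!
"""

LINE_VTY = re.compile(r"^line vty (\d+)(?: (\d+))?\s*$")
ACCESS_CLASS_IN = re.compile(r"^access-class (\S+) in\b")

def vty_inbound_acls(config_text):
    """Map each vty line number to its inbound access-class (None if absent)."""
    acls = {}
    current = []  # vty numbers covered by the block being parsed
    for raw in config_text.splitlines():
        line = raw.strip()
        header = LINE_VTY.match(line)
        if header:
            first = int(header.group(1))
            last = int(header.group(2) or first)  # "line vty 4" covers one line
            current = list(range(first, last + 1))
            for n in current:
                acls.setdefault(n, None)
        elif line.startswith("line ") or line == "!":
            current = []  # a different line type or the end of the block
        elif current:
            m = ACCESS_CLASS_IN.match(line)
            if m:
                for n in current:
                    acls[n] = m.group(1)
    return acls

def unprotected_vtys(config_text):
    """Return the sorted vty numbers that carry no inbound access-class."""
    return sorted(n for n, acl in vty_inbound_acls(config_text).items() if acl is None)

if __name__ == "__main__":
    print("vty lines without access-class:", unprotected_vtys(SAMPLE_CONFIG))
```

Applying the same `access-class` to every vty line (for example under a single `line vty 0 4` block) makes the report come back empty.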