ryan80
asked on
Cisco ASA password protection
I just had a security audit, and the auditor just told me that our firewall had default passwords. I just looked at our configuration and did not find any. I am not a Cisco expert or even good at Cisco programming by any means so maybe I can get some help.
Here are the lines that I see regarding passwords:
enable password ******************* level 12 encrypted
enable password ******************* encrypted
passwd ********************* encrypted
username **** password ************************ encrypted privilege 15
username *********** password ***************** encrypted privilege 15
username ************ password ***************** encrypted
username *********** password ****************** encrypted
username *********** password *************** encrypted privilege 15
All of the usernames are custom. I have tried to log into it using cisco/cisco as the un/pw and it is denied. Is there something that I am missing?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Your console connection may not be protected, so anyone could plug a cable into the back of your firewall and get to your configuration. That may be what the auditor is concerned about.
ASKER
I checked and the enable password is not the default one. What password does this line refer to?
passwd ********************* encrypted
Also the console connection is not protected to get into non-privileged mode, but it is in a protected room, and the evaluation was through a scan box, so I doubt that is the issue. I don't see anything, unless he is talking about being able to access it through telnet from the inside, so it would be possible to intercept the password if you were able to capture traffic inside the network.
Any other ideas?
ASKER
I checked on the telnet. It needs both a username and password and they are not set to default. I will just wait until I see what the auditor says is actually wrong. While I don't think that the firewall is set up with best practices, I don't see any default passwords.
ASKER
Thanks, I will check that enable password.
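One way to check a saved running-config for the points raised in this thread (telnet from the inside, the console without a login, the shared passwd and enable passwords), as an added example that is not part of the original thread. The sample config, its usernames and addresses, and the function name audit_asa_config are constructed for illustration.

```python
import re

# Constructed sample shaped like the masked config in the question, plus
# management-access lines that are assumed here and not taken from the thread.
SAMPLE_CONFIG = """\
enable password XXXXXXXXXXXXXXXX encrypted
passwd XXXXXXXXXXXXXXXX encrypted
username admin1 password XXXXXXXXXXXXXXXX encrypted privilege 15
username helpdesk password XXXXXXXXXXXXXXXX encrypted
aaa authentication telnet console LOCAL
telnet 10.0.0.0 255.255.255.0 inside
telnet timeout 5
ssh 10.0.0.0 255.255.255.0 inside
"""


def audit_asa_config(text):
    """Return findings about management access in an ASA running-config."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    # Access methods that require a per-user AAA login (telnet, ssh, serial, enable).
    aaa = {m.group(1) for ln in lines
           if (m := re.match(r"aaa authentication (\S+) console \S+", ln))}
    # "telnet <ip> <mask> <interface>" enables telnet; "telnet timeout N" does not match.
    telnet_ifaces = [m.group(1) for ln in lines
                     if (m := re.match(r"telnet \S+ \S+ (\S+)$", ln))]
    findings = []
    for iface in telnet_ifaces:
        findings.append(f"telnet enabled on '{iface}': logins cross the network in cleartext")
    if telnet_ifaces and "telnet" not in aaa:
        findings.append("telnet logins use the shared 'passwd' line, not per-user accounts")
    if "serial" not in aaa:
        findings.append("serial console has no AAA login: physical access reaches the user prompt")
    if "enable" not in aaa:
        findings.append("privileged mode uses the shared 'enable password', not per-user accounts")
    return findings


if __name__ == "__main__":
    for finding in audit_asa_config(SAMPLE_CONFIG):
        print("-", finding)
```
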