This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

disable password recovery and factory reset through console port

disable password recovery and factory reset through console port

f3rha4n
New Contributor II

‎04-24-2016 06:22 AM

Hello,
How can I disable password recovery and configuration removal through boot menu on Extreme Switches? Its a security risk as anyone can connect to the console port and undo all the configuration.
0 Kudos
3 REPLIES 3

Paul_Thornton
New Contributor III

‎04-24-2016 09:06 AM

To be fair, there's a big difference between changing the config register and then booting a Cisco to selecting no config in the EXOS bootrom.

If you change the confreg, you can boot and get to the config with no password trivially with a 'show conf'; this isn't possible on EXOS - the switch will boot with a default config and there is no way to show the non-booted configuration.

I may be missing an attack vector here, and if so I apologise; but I still think that if someone has physical access to a device then you have a much harder job to secure it. I could, for example, de-solder the flash chips and read them directly if I have the switch - you'd notice that for sure, but you can't prevent that even with encryption because the keys would also have to be there, so the switch could decrypt the config on boot 🙂

Paul.
0 Kudos

f3rha4n
New Contributor II

‎04-24-2016 07:27 AM

other vendors have similar options to counter this risk, like in cicso you can prevent the NVRAM register value to be changed. I think the option should be there and it should be up to the customer whether they want to implement it or not.
0 Kudos

Paul_Thornton
New Contributor III

‎04-24-2016 06:37 AM

I don't think there is any way to prevent this - which is actually a good thing; you need to be able to recover a switch for a number of very legitimate reasons sometimes.

There was a recent version of the boot menu that disabled 'config none' - and a lot of people complained to the TAC and this was reversed (the only way to recover one of those switches was a very slow erase and TFTP new code onto it).

If someone has physical access to your infrastructure, no amount of clever software features are going to close that security hole. I would expect that someone erasing the configuration would cause an outage more than being a security risk to you though?

Paul.

0 Kudos
GTM-P2G8KFN