March 2013 Archives

A recent flight home had me accidentally shoulder-surfing a major financial institution employee.  I managed to catch him editing an internal switch/router configuration (probably Cisco?  Although all the switch syntaxes blur together for me).

I caught a line similar to this:

enable password level 15 <pretty easy to remember password, if you've seen it>

It caught my eye enough to eavesdrop for a while longer, until I snagged a legalese logon banner in the config, as well as the switches internal IP address (172.something).

Just a reminder to not edit sensitive files when in a public place.  I'm certainly guilty as heck of this from time to time.  It's a lesson especially useful for consultants to remember, as it's very tempting to start writing up the report for the latest engagement while on the flight home.  You never know who is going to be looking over your shoulder to get a little info on a nice, juicy, target network.

The company in question has so far been cool to deal with...an IR guru and I chatted on the phone to figure who the bad employee was.  I hope they don't get in trouble, but rather treat it as a life lesson that he shouldn't work so hard.

About this Archive

This page is an archive of entries from March 2013 listed from newest to oldest.

January 2013 is the previous archive.

April 2013 is the next archive.

Find recent content on the main index or look in the archives to find all content.