Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Probes for Cisco Web Interface - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Probes for Cisco Web Interface
The Philippine Honeynet project is detecting an uptick in scans for Cisco web access. The tool most likely used is ciscoscanner v 0.2. See the full analysis for details, and thanks to Ryan Talabis for pointing this out to us.

Reminder: It is a good idea to disable all unused remote access options, in particular unencrypted access like HTTP. If you must have unencrypted access enabled, limit it to trusted IP addresses that access the device over a trusted network.
I will be teaching next: Application Security: Securing Web Apps, APIs, and Microservices - SANS London June 2022


4473 Posts
ISC Handler
Mar 7th 2006

Sign Up for Free or Log In to start participating in the conversation!