Why would a Cisco network device with the latest updates and patches have the service config setting enabled, making the device vulnerable to the TFTP Server Attack?
A.
Disabling telnet enables the setting on the network device.
B.
This setting is enabled by default in the current Cisco IOS.
C.
Allowing remote administration using SSH under the Cisco IOS also enables the setting.
D.
An attack by Cisco Global Exploiter will automatically enable the setting.
E.
This older default IOS setting was inherited from an older configuration despite the upgrade.
Enabling the service config setting causes a Cisco router to be vulnerable to the TFTP Server Attack since it will actively try to retrieve a new configuration file from the nearest TFTP server. An attacker can insert a malicious update file in this process to compromise the Cisco router.
The service config setting was disabled by default in the Cisco IOS in version 12.0, but had been enabled by default in the 11.x series of the IOS trains. This feature is often enabled in later versions since organizations don’t always realize the risk of this setting and will leave it enabled as the migrate through multiple IOS upgrades.
The other items listed don’t enable the service config setting.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit