
On 03/27/2016 08:55 AM, Alvin Starr wrote:
Even with SSH, the first thing coming back from the switch is a set of well-defined headers and prompts, so I would be willing to bet that SSH on a switch is fairly crackable.
I thought ssh was secure. IIRC, the key changes frequently, with the public/private key pair used only to set up the connection, with a random key used to carry the data.
A lot of the lower-end switches use an HTTP web interface, which is no more secure than telnet.
Many use HTTPS instead of plain HTTP. Again, it's the same key situation as with ssh.
Sadly, switch configuration has not changed much in the last 20+ years. It would be interesting to see cheap OpenFlow switches, but that technology is still a few years away from permeating the SME market.
I normally use the console port when working with equipment. However, with large networks, you have to rely on some remote connection.
As I mentioned earlier, in order to attack a password, you have to see the data. That doesn't happen much with switches, though it was quite easy prior to switches. Also, remote management is generally done via VLAN, which makes it a bit more difficult for a casual eavesdropper.