From: Robert E. Lee (robert@dyadsecurity.com)
Date: Mon Sep 01 2003 - 20:09:23 EDT
> -----Original Message-----
> From: Agazzini Maurizio [mailto:maurizio@mediaservice.net]
> Sent: Sunday, August 31, 2003 10:51 AM
> To: pen-test@securityfocus.com
> Subject: Fabric OS
>
> Recently during a pentest I got some host with "Fabric OS (tm)
Release
> v3.0.2f", some information about this OS can be found at:
> http://www.brocade.com/products/software/fabric_os/index.jsp
>
> Someone know if there are some default login?
I’m assuming that this is an internal test, as I’ve not yet seen a
customer configure a SAN switch externally accessible (I suppose
stranger things are possible ☺). Also, is the IP on the standard
Ethernet port or is it IP over FC?
The default login/password combination is:
Login: admin
Password: password
Also noteworthy, try going to http://ip_of_san_switch/swReport.html
(can’t remember if it’s .htm or .html, been too long). This page is
basically a concatenation of several configuration commands all in one
handy output. It includes all of the zoning information and which other
switches are in the fabric. This URL isn’t password protected, so you
can still data mine good information about the SAN without logging in.
Robert
Robert E. Lee, OPST, OPSA
CTO
3400 Irvine Ave, Building 118
Newport Beach, Ca 92660
T (949) 486-6600
F (949) 486-6001
http://www.dyadsecurity.com
---------------------------------------------------------------------------
FREE Trial!
New for security consultants and in-house pros: FOUNDSTONE PROFESSIONAL
and PROFESSIONAL TL software. Fast, reliable vulnerability assessment
technology powered by the award-winning FoundScan engine. Try it free for 21 days at: http://www.securityfocus.com/sponsor/Foundstone_pen-test_030825
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:38 EDT