Nicky Brown
2010-04-08 16:07:21 UTC
Hi All,
We have a Rancid installation on an internal IP. Everything is pretty much
default and only our Cisco devices are managed through Rancid. I just
noticed a truck sized hole in my config however.
If you enter http://192.168.32.2/cgi-bin/cvsweb.cgi/ on your browser, you
can access the config files for all our devices without a password.
I have limited the IPs which can reach port 80 but that is far from enough.
What must I change to protect this data? Is there a howto? Did I miss a
section of the installation manual?
Nicky.
We have a Rancid installation on an internal IP. Everything is pretty much
default and only our Cisco devices are managed through Rancid. I just
noticed a truck sized hole in my config however.
If you enter http://192.168.32.2/cgi-bin/cvsweb.cgi/ on your browser, you
can access the config files for all our devices without a password.
I have limited the IPs which can reach port 80 but that is far from enough.
What must I change to protect this data? Is there a howto? Did I miss a
section of the installation manual?
Nicky.