Note to anyone selling equipment

Date December 31, 2008

ALWAYS wipe your equipment before you sell it to anyone.

This includes things like hard drives and network devices.

I can't mention any names at all, or specifics, but I ordered a couple of refurb routers a few days ago, and I was very surprised today when I saw full router configs in place, complete with IPSec settings, ACLs, and plaintext read/write SNMP strings.

Always wipe your configs before you sell the devices. Always.

  • Kameron

    We recently bought a used Cisco 7206VXR router off of eBay with the old config still accessible. I now have a more knowledge of a certain defense contractor's network infrastructure than they probably would approve of.

    Included were goodies such as SNMP communities, TACACS+ server hosts and keys, BGP peers/community/MD5 keys, and ip6inip tunnel information.

    It's not the first time it's happened to us, either. We've come across configs in gear from state government offices, lawyer's offices, and an online porn host.

    Good times.

  • Matt

    @Kameron

    wow, that's crazy. And people wonder why corporate espionage happens so often. The way I look at it, if I got these routers, someone else got similar configs, and they probably aren't as scrupulous as I am.

    Being a sysadmin requires a lot of responsibility sometimes.