Malicious hackers can gain plenty from breaking into a Cisco router, switch, or a more specialized network appliance. Put frankly, whoever controls these devices controls the network, and taking over servers and workstations afterward is only a matter of time. Because many system administrators are still unaware of this fact, some of the methods crackers use effectively to break into multiple Cisco boxes are ridiculously simple. Such methods include default passwords and SNMP community names, easy password/community name guessing, and snatching router or switch configuration files from TFTP servers. However, properly developed exploits that allow gaining enable on Cisco appliances also exist, and their number is growing as more and more data from reverse engineering IOS and other systems becomes available.
Writing these exploits may not be easy, and they are strongly platform dependent, but it is by no means impossible. Thorough product security testing by Cisco is the key to preventing the development of such exploits, but it can be strongly reinforced by independent device security auditing, as described in Appendix A. Such auditing must become an integral part of any serious and complete network penetration test.
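A defender's check for the simplest weaknesses listed above (default or guessable passwords and SNMP community names), as an added example that is not from the original text: it scans an IOS configuration fragment offline and reports the offending lines. The sample configuration, the short wordlist and the function name `audit_ios_config` are constructed for illustration.

```python
import re

# Constructed sample: a fragment of an IOS configuration, not from a real device.
SAMPLE_CONFIG = """\
hostname edge-rtr-01
enable password cisco
username admin password 0 cisco
snmp-server community public RO
snmp-server community private RW
snmp-server community N0c-r3ad0nly RO 10
line vty 0 4
 password cisco
 login
"""

# Assumption: a short illustrative list of well-known defaults; extend it locally.
WEAK_WORDS = {"cisco", "public", "private", "admin", "password"}

# Cleartext password at end of line, e.g. "enable password X" or "password 0 X".
CLEARTEXT_PW = re.compile(r"\bpassword (?:0 )?(\S+)\s*$")

def audit_ios_config(text):
    """Return (line_number, finding) tuples for default or guessable credentials."""
    findings = []
    for n, raw in enumerate(text.splitlines(), 1):
        tok = raw.split()
        if tok[:2] == ["snmp-server", "community"] and len(tok) > 2:
            name, rest = tok[2], [t.lower() for t in tok[3:]]
            if "view" in rest:  # drop the optional "view <name>" pair
                i = rest.index("view")
                del rest[i:i + 2]
            acl = [t for t in rest if t not in ("ro", "rw")]
            if name.lower() in WEAK_WORDS:
                findings.append((n, "default SNMP community name"))
            if "rw" in rest and not acl:
                findings.append((n, "read-write SNMP community with no ACL"))
            continue
        m = CLEARTEXT_PW.search(raw)
        if m and m.group(1).lower() in WEAK_WORDS:
            findings.append((n, "default or guessable password"))
    return findings

if __name__ == "__main__":
    for lineno, finding in audit_ios_config(SAMPLE_CONFIG):
        print(f"line {lineno}: {finding}")
```

Type 7 and `enable secret` entries are skipped by the cleartext pattern, so only passwords stored in the clear are compared against the wordlist.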