N-Base Switch Vulnerability
Upgrading to a newer software revision is the only effective way to solve these security problems. Updated software is available from http://www.nbase.com. A post was sent to the Bugtraq mailing list by Geoff Cummins <geoff@NBASE.com> detailing the additional security features found in the updated software. They are as follows.
set-full-sec enable (this disables the backdoor passwords)
set-sw-file XXX (where XXX is the name you want to call your SNMP software update file)
set-par-file XXX (where XXX is the name you want to call your parameters file)
set-passwd <return> (this will display a prompt to enter a new password)
set-comm read XXX (where XXX is the new read community)
set-comm write XXX (where XXX is the new write community)
These steps should secure the mentioned MegaSwitch II configurations.
For GigaFrame Switch NH3012 2.1
set-comm read XXX
set-comm write XXX
del-user user (By default there are two users "super", and "user". "super" has supervisor priveldges, "user" is just a default. To secure the system, you should delete the "user" account.)