Hi All,<br><br>We have a Rancid installation on an internal IP. Everything is pretty much default and only our Cisco devices are managed through Rancid. I just noticed a truck sized hole in my config however. <br><br>If you enter <a href="http://192.168.32.2/cgi-bin/cvsweb.cgi/">http://192.168.32.2/cgi-bin/cvsweb.cgi/</a> on your browser, you can access the config files for all our devices without a password.<br>
<br>I have limited the IPs which can reach port 80 but that is far from enough. What must I change to protect this data? Is there a howto? Did I miss a section of the installation manual? <br><br>Nicky.<br>