Cisco clean access web login page can be modified via html editing. I only want to do this to remove the Cisco Clean Access branding from the login page on the bottom left hand corner. If a Black Hat plugged into our network they would get the web auth (authentication) page from Cisco Clean Access. They would know it’s CCA and then be able to work out a hack to get by it. Okay now lets modify the CCA web login page so you don’t know its a Cisco product!
So if you feel you have to make that change, the file to look at is /perfigo/access/tomcat/webapps/auth/perfigo_login.jsp on the CAS. Look at the last few lines of this file.
Okay to modify perfigo_login.jsp just type
#vi perfigo_login.jsp
scroll down and find the lines mentioned below and hit the “d” key to remove the lines one at a time. Or you can modify them by pressing the “i” key
once finished hit the “esc” key and then type “wq!”
<%=btag%>
<font size=’1′>Powered by <a href=”http://www.cisco.com”>Cisco Clean Access</a></font>
<%=etag%>
Remove – <font size=’1′>Powered by <a href=”http://www.cisco.com”>Cisco Clean Access</a></font>
I also recommend removing the top of the html as follows
// @(#) perfigo_login.jsp Mon Feb 11 20:56:20 PST 2008
//
// Copyright 2006 Cisco Systems, Inc. All rights reserved.
// CISCO PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
// Any unauthorized modification of this source code will be
// considered a violation of license terms and will void any warranty.
Avoiding the keen eye of a black hat isn’t a good a motivation to make this change. They could just google ‘perfigo_weblogin.jsp’ and find out they’re dealing with a cicso based authentication system (partially thanks to this post of yours). A better justification to do this would be for the shear sake of customization.
GOOD POINT! Never the less, security by obscurity never hurt anyone.