Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY LINKS NEWS MAN DOCUMENTATION

<< Previous INDEX Search src / Print Next >>

From: "Marcin" <sec@firlag.pl.>
To: <bugtraq@securityfocus.com.>, <tac@cisco.com.>
Subject: strange behavior on Cisco 2801
Date: Thu, 1 Feb 2007 20:46:33 +0100
MIME-Version: 1.0
Content-Type: text/plain;
        charset="iso-8859-2"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028
thread-index: AcdGNjI4w5+hi1oGSJyj0Rg6Yv85iQAA2L+Q
X-Virus-Scanned: antivirus-gw at tyumen.ru


Hi!
 
im running Cisco IOS software on 2801 router (C2801-ADVIPSERVICESK9-M), 
Version 12.4(3e), RELEASE SOFTWARE (fc2). I have few problems and i have
seen strange behavior: after few hours there was no responding from router,
no nat etc. After restart everything was ok for 10-12 hours.
 
I have ONLY one user name to permit logon via ssh to router: marcin and
not dictionary password (14 symbols)
 
I logon 2 hours ago and i use command "who". I was very surprised, because
i saw something in 1 minute 2 different usernames and NO USERNAME on vty
194.
 
i looks like that:
 
router#who                  
    Line       User       Host(s)              Idle       Location
  vty 194                 idle                 00:00:01 nt.math.nknu.edu.tw
* vty 195      marcin     idle                 00:00:00 210-az4-2.acn.waw.pl
 
  Interface    User               Mode         Idle     Peer Address
 
router#who
    Line       User       Host(s)              Idle       Location
  vty 194      aivankovic idle                 00:00:04 nt.math.nknu.edu.tw
* vty 195      marcin     idle                 00:00:00 210-az4-2.acn.waw.pl
 
  Interface    User               Mode         Idle     Peer Address
 
router#who
    Line       User       Host(s)              Idle       Location
  vty 194                 idle                 00:00:01 nt.math.nknu.edu.tw
* vty 195      marcin     idle                 00:00:00 210-az4-2.acn.waw.pl
 
  Interface    User               Mode         Idle     Peer Address
 
router#who
    Line       User       Host(s)              Idle       Location
  vty 194      aivankovic idle                 00:00:04 nt.math.nknu.edu.tw
* vty 195      marcin     idle                 00:00:00 210-az4-2.acn.waw.pl

router#who
    Line       User       Host(s)              Idle       Location
  vty 194                 idle                     00:00:01
nt.math.nknu.edu.tw
* vty 195      marcin     idle                 00:00:00 210-az4-2.acn.waw.pl
 

router#sh users 
    Line       User       Host(s)              Idle       Location
  vty 194      akrizan    idle                 00:00:40 nt.math.nknu.edu.tw
* vty 195      marcin     idle                 00:00:00 210-az4-2.acn.waw.pl

What is going on? have you heard about similar incident? 
 
Best regards
 
Marcin
 

<< Previous INDEX Search src / Print Next >>

Партнёры:

Хостинг: