On Fri, 16 Jun 2000 [EMAIL PROTECTED] wrote:
> Greetings,
>
> I've a 7000 router in a remote location and it seems
> the local admin hacking in by using the power outage
> excuse. He changes the password by rebooting the
> router and peeks around. I'm trying to catch him in
> the act or log his activities, any ideas?????
Run NOCOL or similar to track when the router goes down and call
them or attempt to telnet in (which will likely be unsuccessful).
Change the console port parameters to an oddball speed.
Install a UPS.
Set up an SNMP community with appropriate filters so you can put things
back to normal.
Does other gear on the same circuit also have these "power problems"?
Is this on a production network?
Why hasn't this individual been fired yet?
--
Jay Hennigan - Network Administration - [EMAIL PROTECTED]
NetLojix Communications, Inc. NASDAQ: NETX - http://www.netlojix.com/
WestNet: Connecting you to the planet. 805 884-6323
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
