Hmmm, could you expand on this notion? How could
it be a vulnerability if the admin can't even get in?
My real problem is that I need to monitor the switch
in order to diagnose a network connectivity issue.
I believe the web based management has some visual
monitoring that could be helpful.
Thanks,
Ray Mosely, CCNA
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Dale Holmes
Sent: Thursday, September 21, 2000 10:15 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: Catalyst 2900XL Web Management password
You should then immediately issue a "no ip http server" to disable the web
interface and never use it again. It is a security vulnerability that you
should never leave open...
>From: Ole Drews Jensen <[EMAIL PROTECTED]>
>Reply-To: Ole Drews Jensen <[EMAIL PROTECTED]>
>To: "'Ray Mosely'" <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
>Subject: RE: Catalyst 2900XL Web Management password
>Date: Thu, 21 Sep 2000 09:20:41 -0500
>
>Try the following:
>
>Switch(config)#ip http server
>Switch(config)#ip http authentication enable
>
>This tells the switch to use the enable password for web access too.
>
>OR
>
>Switch(config)#ip http server
>Switch(config)#ip http authentication local
>Switch(config)#username ray password mosely
>
>This tells the switch to use the local user database for access, plus it
>will add you to it.
>
>As for books, I am currently reading the BCMSN book by Karen Webb which is
>a
>little too technical sometimes. I also just bought the CCIE LAN Switching
>book which is a heavy thing, but after having flipped some pages I think it
>looks pretty good. There are many good reviews about it. Also, many people
>think that the Exam Cram book is good too - but I haven't seen it.
>
>Hth,
>
>Ole
>
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Ole Drews Jensen
> Systems Network Manager
> CCNA, MCSE, MCP+I
> RWR Enterprises, Inc.
> [EMAIL PROTECTED]
> http://www.oledrews.com/ccnp
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>
>
>-----Original Message-----
>From: Ray Mosely [mailto:[EMAIL PROTECTED]]
>Sent: Thursday, September 21, 2000 8:41 AM
>To: [EMAIL PROTECTED]
>Subject: Catalyst 2900XL Web Management password
>
>
>
>I've got a 2900XL that my predecessor set up.
>I went through the Cisco routine for recovering
>from lost passwords, and have good console and
>telnet access to the CLI.
>
>But I can't get into the Web interface. It asks
>for a username and password.
>
>Two questions:
>1. how can I change the web interface username
> and password from the CLI?
>2. any primers or tutorials on Catalyst switches
> than anyone can recommend? Quick and dirty,
> and on the Web, just until I can get some
> books ordered.
>
>Thanks,
>Ray Mosely, CCNA
>
>**NOTE: New CCNA/CCDA List has been formed. For more information go to
>http://www.groupstudy.com/list/Associates.html
>_________________________________
>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>FAQ, list archives, and subscription info: http://www.groupstudy.com
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
>**NOTE: New CCNA/CCDA List has been formed. For more information go to
>http://www.groupstudy.com/list/Associates.html
>_________________________________
>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>FAQ, list archives, and subscription info: http://www.groupstudy.com
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
Share information about yourself, create your own public profile at
http://profiles.msn.com.
**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
