Hi This was a temporary situation bcoz it was a mistake by the guy who deactivated them, he forgot to put them back :) but everything is normal now
The question here, how to verify that there is no script was put on it? Best Regards, Walaa Abdel Razzak -----Original Message----- From: sth...@nethelp.no [mailto:sth...@nethelp.no] Sent: Sun 18/10/2009 22:27 To: Walaa Abdel razzak Cc: ja...@puck.nether.net; juniper-nsp@puck.nether.net Subject: Re: [j-nsp] is it an attack or not? > Actually, we had to deactivate the filter that was doing this for some time > and during that time, we got the message in addition to the below messages > > Oct 18 09:25:20 M320-01-re0 re1 mgd[33869]: %INTERACT-6-UI_JUNOSCRIPT_CMD: > User 'root' used JUNOScript client to run command 'set-login-name > login-name=Juniper123' > Oct 18 09:25:20 M320-01-re0 re1 mgd[33869]: %INTERACT-6-UI_JUNOSCRIPT_CMD: > User 'Juniper123' used JUNOScript client to run command 'commit-configuration' > Oct 18 09:25:20 JED1-IGR-M320-01-re0 re1 mgd[33869]: %INTERACT-5-UI_COMMIT: > User 'Juniper123' requested 'commit' operation (comment: none) If you have an Internet-facing router and haven't protected it from ssh/telnet/Junoscript etc coming from the Internet, you are *asking* for trouble. Steinar Haug, Nethelp consulting, sth...@nethelp.no _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
