PROTECTED]]
Sent: Saturday, June 17, 2000 5:19 AM
To: [EMAIL PROTECTED]
Subject: RE: Help me catch a Hacker
I use Cisco Secure ACS, which is great because It logs all attempts to hack
into the router whether successful or failed one's, you can apply it to
Asyncs, VTY, and console ports, b
- Original Message -
> Message-ID: <00c501bfd7b5$66370f00$[EMAIL PROTECTED]>
> From: "Johnny Dedon" <[EMAIL PROTECTED]>
> To: "John Neiberger" <[EMAIL PROTECTED]>
> Subject: Re: Help me catch a Hacker
> Date: Fri, 16 Jun 2000 12:0
If I may, I believe that you have two options here.
The fact is that you've already 'caught' the person
from the sounds of your message. One would then assume
that you desire a prevention method for future
'attacks.' Since this person has physical access to
the router, you may only be left with a
Hi,
If you have a Network Management station you can
enable Cold Start Traps to alert you when the router
has been restarted. Logging will not do you any good
if he is powering down the router. I would also
suggest implementing TACACS+. There is a log file that
stores details about every command
ng dye canisters
that the banks use...
Just a thought...
Charles
-Original Message-
From: Tom Thomas [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 19, 2000 2:10 PM
To: Cthulu, CCIE Candidate; [EMAIL PROTECTED]
Subject: RE: Help me catch a Hacker
I don't think you folks understand
: cisco
Conversation: Help me catch a Hacker
Subject: Help me catch a Hacker
Greetings,
I've a 7000 router in a remote location and it seems
the local admin hacking in by using the power outage
excuse. He changes the password by rebooting the
router and peeks around. I'm trying t
Nabil
Perhaps what you should be asking is to help you avoid a hacker.
By your email it seems that you know who this person is and how they did
it.
With your router having a known door open you're just asking for
trouble.
Change your passwords on each port, get a UPS for power outages and move
o
gimme his name and address and i'll take care of himlol..just
kidding..
Try a IDS system ( either host-based or network based )basically it
will tell u and alert u rightaway if there is an intrusion on your network
or host ( ie server, firewall, etc.. )
these are some network security si
To: [EMAIL PROTECTED]
Subject: Help me catch a Hacker
Greetings,
I've a 7000 router in a remote location and it seems
the local admin hacking in by using the power outage
excuse. He changes the password by rebooting the
router and peeks around. I'm trying to catch him in
the act or
1) UPS
2) Tacacs+
3) Fire him
-Brad
<[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Greetings,
>
> I've a 7000 router in a remote location and it seems
> the local admin hacking in by using the power outage
> excuse. He changes the password by rebooting the
>
On Fri, 16 Jun 2000 [EMAIL PROTECTED] wrote:
> Greetings,
>
> I've a 7000 router in a remote location and it seems
> the local admin hacking in by using the power outage
> excuse. He changes the password by rebooting the
> router and peeks around. I'm trying to catch him in
> the act or lo
You could wait until it reboots again (if you're aware of exactly when it
occurs) and then telnet in yourself if see if he's using the console port.
If so, send him a message via telnet to get the heck off of there. Catching
him in the act would probably be a good deterrent. I believe the comma
Greetings,
I've a 7000 router in a remote location and it seems
the local admin hacking in by using the power outage
excuse. He changes the password by rebooting the
router and peeks around. I'm trying to catch him in
the act or log his activities, any ideas?
Thanks,
Nabil
13 matches
Mail list logo