[c-nsp] 4510 reporting dozens of config changes throughout the day...
Roland Dobbins
rdobbins at arbor.net
Sun Jun 7 23:00:22 EDT 2009
On Jun 8, 2009, at 9:47 AM, Steven Fischer wrote:
> Any ideas on what could be causing this?
Are you doing config diffs in order to ensure that no changes are in
fact being made? Have you looked through the AAA logs to look at
logins/logouts and commands executed by authorized personnel?
You should consider the possibility that someone other than authorized
personnel within your organization is making changes, and investigate
accordingly - especially if all the usual BCPs around iACLs, vty ACLs,
AAA, strong local account/password, et. al. haven't yet been
implemented.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
Unfortunately, inefficiency scales really well.
-- Kevin Lawton
More information about the cisco-nsp
mailing list