[c-nsp] Change Pix passwds, without getting logged?
Ryan O'Connell
ryan at complicity.co.uk
Fri Mar 24 06:04:07 EST 2006
On 24/03/2006 11:00, Terje Bless wrote:
> We recently had one of our Pix firewalls get compromised, probably through an
> unsecured serial console access, and have their passwords changed. Nothing
> really out of the ordinary except the Pix is set to log to an external syslog
> server and the password change commands are nowhere to be found in the logs.
>
This could have been achieved by adding a null route to the syslog
server or similar.
More information about the cisco-nsp
mailing list