[c-nsp] Change Pix passwds, without getting logged?

Church, Chuck cchurch at netcogov.com
Fri Mar 24 18:51:04 EST 2006


If the console wasn't set to timeout, and someone connected directly
into enable mode, they wouldn't have needed to reboot it.  Is it
possible the config (and current password) wasn't saved, and the Pix
just crashed?  It would have booted up with the old config/password.  
 
 
Chuck Church
Network Engineer
CCIE #8776, MCNE, MCSE
Netco Government Services
Enterprise Network Engineering
Home Office - 864-335-9473 
Cell - 864-266-3978
cchurch at netcogov.com
 


-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Terje Bless
Sent: Friday, March 24, 2006 6:18 PM
To: Cisco NSP
Subject: Re: [c-nsp] Change Pix passwds, without getting logged?

Church, Chuck <cchurch at netcogov.com> wrote:

>Well, if someone had physical access to the Pix, they probably power
>cycled it, and did a password recovery.  A Pix with no power can't send
>any syslog messages :)  The standby came up and took over while the
>primary was in rommon and being recovered. 

Well, as best we can tell the physical security is ok. The console
access is
through a Cyclades serial console server which was not secured.


-- 
  These are the same customers you are referring to whom Microsoft
thought
  would need MS Bob and the Talking Paperclip?   One thing is to give
them
  enough rope to hang themselves,  but a boobytrapped thermonuclear
weapon
  running on a rand(time) countdown... Is that really wise?   - Me to MS
rep.
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list