[j-nsp] sshd log messages !!

Harri Makela harri_makela at yahoo.com
Wed Feb 26 17:21:46 EST 2014 

Hi There

I am constantly getting these log messages for last few days:-

sshd[21015]: Failed password for root from X.X.103.152 port 21067 ssh2
sshd[21016]: Received disconnect from X.X.103.152: 11: Normal Shutdown, Thank you for playing


Are these indicating any brute-force attack ?Thanks
HM




On Wednesday, 26 February 2014, 21:15, "juniper-nsp-request at puck.nether.net" <juniper-nsp-request at puck.nether.net> wrote:
 
Send juniper-nsp mailing list submissions to
    juniper-nsp at puck.nether.net

To subscribe or unsubscribe via the World Wide Web, visit
    https://puck.nether.net/mailman/listinfo/juniper-nsp
or, via email, send a message with subject or body 'help' to
    juniper-nsp-request at puck.nether.net

You can reach the person managing the list at
    juniper-nsp-owner at puck.nether.net

When replying, please edit your Subject line so it is more specific
than "Re: Contents of juniper-nsp digest..."


Today's Topics:

   1. Re: proposed changes to "clear bgp neighbor" (ryanL)
   2. Re: proposed changes to "clear bgp neighbor" (Phil Shafer)
   3. Re: proposed changes to "clear bgp neighbor" (Eric Van Tol)
   4. Re: proposed changes to "clear bgp neighbor" (Jerry Dent)
   5. Re: proposed changes to "clear bgp neighbor" (Brent Sweeny)
   6. Re: proposed changes to "clear bgp neighbor"
      (Fernando Garcia Fernandez)
   7. Re: proposed changes to "clear bgp neighbor" (ryanL)
   8. Re: proposed changes to "clear bgp neighbor"
      (Jonas Frey (Probe Networks))
   9. Re: proposed changes to "clear bgp neighbor" (sthaug at nethelp.no)


----------------------------------------------------------------------

Message: 1
Date: Wed, 26 Feb 2014 12:22:51 -0500
From: ryanL <ryan.landry at gmail.com>
To: phil at juniper.net
Cc: Juniper for Network Service Providers
    <juniper-nsp at puck.nether.net>
Subject: Re: [j-nsp] proposed changes to "clear bgp neighbor"
Message-ID:
    <CAK_-TSaYrdjhuAtsNbOKn2nrKCrJjGB3ZWTR_cLJiZKuXcXuVw at mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1

it's a nice-to-have, maybe? but this sounds more like an opportunity for
you to sell some JNCIA courses. i mean, how long has junos been around now?


On Wed, Feb 26, 2014 at 10:36 AM, Phil Shafer <phil at juniper.net> wrote:

> Juniper users,
>
> We've been asked to make a change the "clear bgp neighbor" command
> to make the neighbor or "all" argument mandatory.  The root cause
> is the severe impact of "clear bgp neighbor" and the increasing
> accidental use of this command without a specific neighbor.
>
> In general, we avoid changing commands to add mandatory arguments,
> but my feeling is that the impact and severity of this specific
> command makes this an acceptable occasion for such a change.
>
> I'm looking for feedback about this change.  My working assumption
> is that "clear bgp neighbor" is a sufficiently rare command and
> would not be used in automation/scripts, so the impact of making
> the neighbor/all argument mandatory would be minimal.  Is this
> assumption accurate?
>
> Thanks,
>  Phil
>
> [I've set reply-to to myself to avoid impacting the list]
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>


------------------------------

Message: 2
Date: Wed, 26 Feb 2014 13:44:42 -0500
From: Phil Shafer <phil at juniper.net>
To: ryanL <ryan.landry at gmail.com>
Cc: Juniper for Network Service Providers
    <juniper-nsp at puck.nether.net>
Subject: Re: [j-nsp] proposed changes to "clear bgp neighbor"
Message-ID: <201402261844.s1QIigGL031086 at idle.juniper.net>
Content-Type: text/plain

ryanL writes:
>it's a nice-to-have, maybe? but this sounds more like an opportunity for
>you to sell some JNCIA courses. i mean, how long has junos been around now?

Not selling anything; just trying to solve a problem multiple
customers have reported and escalated.  I'm a software developer,
working on the UI code (CLI, MGD, configuration, XML API, scripting)
for 17+ years.

JUNOS 3.0 (the first release with the ui code) shipped during the
summer of 1998, IIRC.

Thanks,
Phil



------------------------------

Message: 3
Date: Wed, 26 Feb 2014 14:24:21 -0500
From: Eric Van Tol <eric at atlantech.net>
To: "juniper-nsp at puck.nether.net" <juniper-nsp at puck.nether.net>
Subject: Re: [j-nsp] proposed changes to "clear bgp neighbor"
Message-ID:
    <2C05E949E19A9146AF7BDF9D44085B865F70CC1FB1 at exchange.aoihq.local>
Content-Type: text/plain; charset="us-ascii"

> it's a nice-to-have, maybe? but this sounds more like an opportunity for
> you to sell some JNCIA courses. i mean, how long has junos been around
> now?

Confusing comment, since this enhancement isn't about CLI inexperience.  It doesn't matter how long Junos has been around or how experienced someone is, it's still too incredibly easy to hit 'Enter' too soon and clear all your BGP neighbors by accident.

I don't see a problem with adding the requirement 'all'.

-evt



------------------------------

Message: 4
Date: Wed, 26 Feb 2014 13:29:18 -0600
From: Jerry Dent <effinjdent at gmail.com>
To: Eric Van Tol <eric at atlantech.net>
Cc: "juniper-nsp at puck.nether.net" <juniper-nsp at puck.nether.net>
Subject: Re: [j-nsp] proposed changes to "clear bgp neighbor"
Message-ID:
    <CADUFW=WkYVHA1jLWJjRWQKhLroOtRpAGGrwQtZW_VJLai33bYg at mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1

Just add a line "Reset all bgp sessions? [Y/N]" for confirmation.


On Wed, Feb 26, 2014 at 1:24 PM, Eric Van Tol <eric at atlantech.net> wrote:

> > it's a nice-to-have, maybe? but this sounds more like an opportunity for
> > you to sell some JNCIA courses. i mean, how long has junos been around
> > now?
>
> Confusing comment, since this enhancement isn't about CLI inexperience.
>  It doesn't matter how long Junos has been around or how experienced
> someone is, it's still too incredibly easy to hit 'Enter' too soon and
> clear all your BGP neighbors by accident.
>
> I don't see a problem with adding the requirement 'all'.
>
> -evt
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>


------------------------------

Message: 5
Date: Wed, 26 Feb 2014 11:04:54 -0800
From: Brent Sweeny <sweeny at indiana.edu>
To: phil at juniper.net, Juniper for Network Service Providers
    <juniper-nsp at puck.nether.net>
Subject: Re: [j-nsp] proposed changes to "clear bgp neighbor"
Message-ID: <530E3AD6.2010507 at indiana.edu>
Content-Type: text/plain; charset=ISO-8859-1

Phil, I think what you propose sounds like a reasonable and
appropriately-scoped response to a real problem.
  Brent Sweeny
  Indiana University

On 2/26/2014 7:36 AM, Phil Shafer wrote:
> Juniper users,
> 
> We've been asked to make a change the "clear bgp neighbor" command
> to make the neighbor or "all" argument mandatory.  The root cause
> is the severe impact of "clear bgp neighbor" and the increasing
> accidental use of this command without a specific neighbor.
> 
> In general, we avoid changing commands to add mandatory arguments,
> but my feeling is that the impact and severity of this specific
> command makes this an acceptable occasion for such a change.
> 
> I'm looking for feedback about this change.  My working assumption
> is that "clear bgp neighbor" is a sufficiently rare command and
> would not be used in automation/scripts, so the impact of making
> the neighbor/all argument mandatory would be minimal.  Is this
> assumption accurate?
> 
> Thanks,
>  Phil
> 
> [I've set reply-to to myself to avoid impacting the list]
> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
> 


------------------------------

Message: 6
Date: Wed, 26 Feb 2014 21:04:54 +0100
From: Fernando Garcia Fernandez <listas at cutre.net>
To: Eric Van Tol <eric at atlantech.net>
Cc: "juniper-nsp at puck.nether.net" <juniper-nsp at puck.nether.net>
Subject: Re: [j-nsp] proposed changes to "clear bgp neighbor"
Message-ID: <CA92BFD8-E457-4AEE-8FD7-C0771FCD91E6 at cutre.net>
Content-Type: text/plain; charset=windows-1252

+1 to include the ?all? option.

In fact, coming from the IOS world, it amused me when I discovered that there was no ?*? or ?all? option to clear all neighbors.


El 26/02/2014, a las 20:24, Eric Van Tol <eric at atlantech.net> escribi?:

>> it's a nice-to-have, maybe? but this sounds more like an opportunity for
>> you to sell some JNCIA courses. i mean, how long has junos been around
>> now?
> 
> Confusing comment, since this enhancement isn't about CLI inexperience.  It doesn't matter how long Junos has been around or how experienced someone is, it's still too incredibly easy to hit 'Enter' too soon and clear all your BGP neighbors by accident.
> 
> I don't see a problem with adding the requirement 'all'.
> 
> -evt
> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp




------------------------------

Message: 7
Date: Wed, 26 Feb 2014 14:25:00 -0500
From: ryanL <ryan.landry at gmail.com>
To: Phil Shafer <phil at juniper.net>
Cc: Juniper for Network Service Providers
    <juniper-nsp at puck.nether.net>
Subject: Re: [j-nsp] proposed changes to "clear bgp neighbor"
Message-ID:
    <CAK_-TSajcGxr6N3-AQ7w6FRmz61Fh+w8Y30x0FHkZSLZY8EemQ at mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1

yeah, i'm not slagging. just seems like poor training for newbie noc
engineers or something. this is a pretty rookie error, in my view, but i've
been around almost as long as you have ;-)


On Wed, Feb 26, 2014 at 1:44 PM, Phil Shafer <phil at juniper.net> wrote:

> ryanL writes:
> >it's a nice-to-have, maybe? but this sounds more like an opportunity for
> >you to sell some JNCIA courses. i mean, how long has junos been around
> now?
>
> Not selling anything; just trying to solve a problem multiple
> customers have reported and escalated.  I'm a software developer,
> working on the UI code (CLI, MGD, configuration, XML API, scripting)
> for 17+ years.
>
> JUNOS 3.0 (the first release with the ui code) shipped during the
> summer of 1998, IIRC.
>
> Thanks,
>  Phil
>
>


------------------------------

Message: 8
Date: Wed, 26 Feb 2014 21:37:20 +0100
From: "Jonas Frey (Probe Networks)" <jf at probe-networks.de>
To: phil at juniper.net
Cc: Juniper for Network Service Providers
    <juniper-nsp at puck.nether.net>
Subject: Re: [j-nsp] proposed changes to "clear bgp neighbor"
Message-ID: <1393447040.4974.178.camel at wks02>
Content-Type: text/plain; charset="utf-8"

+1 for the "all" requirement

Am Mittwoch, den 26.02.2014, 10:36 -0500 schrieb Phil Shafer:
> Juniper users,
> 
> We've been asked to make a change the "clear bgp neighbor" command
> to make the neighbor or "all" argument mandatory.  The root cause
> is the severe impact of "clear bgp neighbor" and the increasing
> accidental use of this command without a specific neighbor.
> 
> In general, we avoid changing commands to add mandatory arguments,
> but my feeling is that the impact and severity of this specific
> command makes this an acceptable occasion for such a change.
> 
> I'm looking for feedback about this change.  My working assumption
> is that "clear bgp neighbor" is a sufficiently rare command and
> would not be used in automation/scripts, so the impact of making
> the neighbor/all argument mandatory would be minimal.  Is this
> assumption accurate?
> 
> Thanks,
>  Phil
> 
> [I've set reply-to to myself to avoid impacting the list]
> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20140226/ad7a1719/attachment-0001.sig>

------------------------------

Message: 9
Date: Wed, 26 Feb 2014 22:10:50 +0100 (CET)
From: sthaug at nethelp.no
To: phil at juniper.net
Cc: juniper-nsp at puck.nether.net
Subject: Re: [j-nsp] proposed changes to "clear bgp neighbor"
Message-ID: <20140226.221050.71112673.sthaug at nethelp.no>
Content-Type: Text/Plain; charset=us-ascii

> We've been asked to make a change the "clear bgp neighbor" command
> to make the neighbor or "all" argument mandatory.  The root cause
> is the severe impact of "clear bgp neighbor" and the increasing
> accidental use of this command without a specific neighbor.
> 
> In general, we avoid changing commands to add mandatory arguments,
> but my feeling is that the impact and severity of this specific
> command makes this an acceptable occasion for such a change.
> 
> I'm looking for feedback about this change.  My working assumption
> is that "clear bgp neighbor" is a sufficiently rare command and
> would not be used in automation/scripts, so the impact of making
> the neighbor/all argument mandatory would be minimal.  Is this
> assumption accurate?

For us, yes. Fully support the idea of requiring an "all" argument.

Steinar Haug, AS 2116


------------------------------

Subject: Digest Footer

_______________________________________________
juniper-nsp mailing list
juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

------------------------------

End of juniper-nsp Digest, Vol 135, Issue 29
********************************************

More information about the juniper-nsp mailing list