Re: Nipper and Cisco configuration results

2009-04-04 Thread Subba Rao
and Rlogin.  Is there any particular sequence that IOS processes the vty access? Subba Rao --- On Thu, 4/2/09, Lee ler...@gmail.com wrote: From: Lee ler...@gmail.com Subject: Re: Nipper and Cisco configuration results To: castellan2004-...@yahoo.com Cc: nanog@nanog.org Date: Thursday, April 2, 2009, 11

Re: Nipper and Cisco configuration results

2009-04-04 Thread Lee
On 4/3/09, Subba Rao castellan2004-...@yahoo.com wrote: I did see a few false positives too with Nipper. What do you think about Router Audit Tool (RAT) instead? RAT is the approved IOS security audit tool at $work, so it doesn't matter what I think about it :) But it is fairly nice ... as

Re: Nipper and Cisco configuration results

2009-04-04 Thread Lee
On 4/4/09, Subba Rao castellan2004-...@yahoo.com wrote: I looked at the configurations yesterday on the routers. The vty line does not have any transport line below it. All the routers showing Rlogin enabled have similar configuration. What are the default services that are enabled for vty

Re: Nipper and Cisco configuration results

2009-04-04 Thread Tim Durack
The problem I have with both RAT and Nipper is they're geared towards security and I'm more interested in verifying that the routers are configured correctly.  What kind of tools are people using for that? For an example of the type of thing I'm interested in, see filter_audit in the

Re: Nipper and Cisco configuration results

2009-04-03 Thread Subba Rao
--- On Thu, 4/2/09, Lee ler...@gmail.com wrote: From: Lee ler...@gmail.com Subject: Re: Nipper and Cisco configuration results To: castellan2004-...@yahoo.com Cc: nanog@nanog.org Date: Thursday, April 2, 2009, 11:31 PM On 4/2/09, Subba Rao castellan2004-...@yahoo.com wrote: I am using Nipper

Re: Nipper and Cisco configuration results

2009-04-03 Thread Christopher
On Thu, 2009-04-02 at 15:33 -0700, Subba Rao wrote: I am using Nipper for verifying my Cisco configuration. Nipper is finding the rlogin service that is not in the configuration. I have searched the access lists and do not see it anywhere. The explanation by Nipper about this finding,

Re: Nipper and Cisco configuration results

2009-04-03 Thread Subba Rao
not find any examples on using ncat. Subba Rao --- On Fri, 4/3/09, Christopher chris...@pricegrabber.com wrote: From: Christopher chris...@pricegrabber.com Subject: Re: Nipper and Cisco configuration results To: nanog nanog@nanog.org Date: Friday, April 3, 2009, 12:36 PM On Thu, 2009-04-02 at 15:33

Nipper and Cisco configuration results

2009-04-02 Thread Subba Rao
I am using Nipper for verifying my Cisco configuration.  Nipper is finding the rlogin service that is not in the configuration.  I have searched the access lists and do not see it anywhere.  The explanation by Nipper about this finding, Telnet protocol implemented by this service is

Re: Nipper and Cisco configuration results

2009-04-02 Thread Mike Lewinski
Subba Rao wrote: Can someone explain why Nipper is saying Rlogin is enabled when I do not see it in the configuration file? Is there something else that I need to be looking at? It's been my experience that the routers are all listening on that port by default, and we notice it as a

RE: Nipper and Cisco configuration results

2009-04-02 Thread Jo¢
-Original Message- From: Subba Rao [mailto:castellan2004-...@yahoo.com] Sent: Thursday, April 02, 2009 6:33 PM To: nanog@nanog.org Subject: Nipper and Cisco configuration results I am using Nipper for verifying my Cisco configuration.  Nipper is finding the rlogin service

RE: Nipper and Cisco configuration results

2009-04-02 Thread Subba Rao
: Nipper and Cisco configuration results To: castellan2004-...@yahoo.com, nanog@nanog.org Date: Thursday, April 2, 2009, 8:18 PM What IOS version are you using? I don't see that behavior (rlogin/rsh) by default, but I'm a few revisions behind on the latest. @ 12.2 I do see from the router: RCMD-4

Re: Nipper and Cisco configuration results

2009-04-02 Thread Stephen Fisher
On Thu, Apr 02, 2009 at 04:54:26PM -0600, Mike Lewinski wrote: Dec 15 17:27:16 MST: %RCMD-4-RSHPORTATTEMPT: Attempted to connect to RSHELL from a.b.c.d Everything I've read indicates that additional specific configuration is required to actually enable this service. Still, it's always

RE: Nipper and Cisco configuration results

2009-04-02 Thread Jo¢
problem a bit? -Joe From: Subba Rao [mailto:castellan2004-...@yahoo.com] Sent: Thursday, April 02, 2009 8:25 PM To: nanog@nanog.org; Jo¢ Subject: RE: Nipper and Cisco configuration results I did not scan

RE: Nipper and Cisco configuration results

2009-04-02 Thread Subba Rao
: Nipper and Cisco configuration results To: castellan2004-...@yahoo.com, nanog@nanog.org Date: Thursday, April 2, 2009, 9:09 PM Subba, Sorry, perhaps I am confused about the nature of your question? Did you have acls up for logging these attempts and they weren't logged? or are you asking for help

RE: Nipper and Cisco configuration results

2009-04-02 Thread Jo¢
Rao [mailto:castellan2004-...@yahoo.com] Sent: Thursday, April 02, 2009 9:43 PM To: nanog@nanog.org; Jo¢ Subject: RE: Nipper and Cisco configuration results Joe, Thank you for replying. I am asking about the Nipper complaint. Why

Re: Nipper and Cisco configuration results

2009-04-02 Thread Lee
On 4/2/09, Subba Rao castellan2004-...@yahoo.com wrote: I am using Nipper for verifying my Cisco configuration. Nipper is finding the rlogin service that is not in the configuration. I have searched the access lists and do not see it anywhere. The explanation by Nipper about this finding,