S-242: Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor
Cetrain Cisco Catalyst 6500 Series and Cisco 7600 Router devices that run branches of Cisco IOS based on 12.2 can be vulnerable to a denial of service vulnerability that can prevent any traffic from entering an affected interface. The risk is LOW. Exploitation of this vulnerability may result in a blocked interface input queue, memory leak, and/or restart of the device. Repeated exploitation of this vulnerability may result in an extended denial of service.
I'm trying to write a login script to ssh into a cisco switch that will run some command remotely. Similar to this expect script located here:
SSH login expect shell script to supply username and password
However, that script does not work with cisco ios. Anyway know what the best way to... (1 Reply)
Hi all, This will save me a tremendous amount of time if i can get this script working. I have alot of sites i need to connect to using cisco vpn and then ssh onto servers to retrieve some info. Its all repetitative and it needs scripted.
what i have done so far is put this into a script.
... (0 Replies)
Who in the 64 ubuntu adopted cisco vpn client on the wireless network
I downloaded the cisco vpn client for linux but run vpn_install make file when an error in cisco with the help of the document read in half a day, nor do I know this vpn client in the 64 systems in use.
Who can help me, a... (1 Reply)
Hello all
Are you familiar with Patrol 3.5 software ?
If so , I would like to know if in Patrol logs , we could find users' history ?
Thank you (0 Replies)
router.db(5) File Formats Manual router.db(5)NAME
router.db - rancid group configuration file
DESCRIPTION
router.db contains information for devices which are members of a rancid group. control_rancid(1) reads this file to compile a list of
devices which it should collect.
SYNTAX
One device is listed per-line, where the syntax is:
<device_name>:<device_type>:<state>[:comments]
For example:
scooby.shrubbery.net:cisco:up
The fields are as follows:
<device_name>
The name of the device, which must resolve via gethostbyname, used as the argument to telnet(1), rsh(1), or ssh(1), to connect to
the device. Once converted to lower-case, this also becomes the name of the file used to store the configuration under
$BASEDIR/<group>/configs.
Experience has shown that using the device's FQDN (Fully Qualified Domain Name) works best, as in the example above.
<device_type>
The type of device from the set:
agm A Cisco Anomaly Guard Module (aka Riverhead). Suspect that at some point the UI will become more cisco-like and it can be
merged with the IOS rancid module.
alteon An Alteon WebOS switches.
arista An Arista Networks device.
avocent
An Avocent Cyclades console server.
baynet A Bay Networks router.
cat5 A Cisco catalyst series 5000 and 4000 switches (i.e.: running the catalyst OS, not IOS).
cisco A Cisco router, PIX, or switch such as the 3500XL or 6000 running IOS (or IOS-like) OS, but not IOS-XR.
cisco-nx
A Cisco Nexus switch/router.
cisco-xr
A Cisco device running IOS-XR.
css A Cisco content services switch.
enterasys
An enterasys NAS. This is currently an alias for the riverstone device type.
erx A Juniper E-series edge router.
extreme
An Extreme switch.
ezt3 An ADC-Kentrox EZ-T3 mux.
f5 A F5 BigIP switch.
force10
A Force10 router.
fortigate
A Fortinet firewall.
foundry
A Foundry router, switch, or router-switch. This includes HP Procurve switches that are OEMs of Foundry products, such as
the HP9304M.
hitachi
A Hitachi router.
hp A HP Procurve switch such as the 2524 or 4108 procurve switches. Also see the foundry type.
juniper
A Juniper router.
mikrotik
A Mikrotik router.
mrtd A host running the (Merit) MRTd daemon.
netscalar
A Netscalar load balancer.
netscreen
A Netscreen firewall.
procket
A Procket router.
redback
A Redback router, NAS, etc.
riverstone
A Riverstone NAS or Cabletron (starting with version ~9.0.3) router.
smc A SMC switch (some Dell OEMs).
tnt A Lucent TNT.
zebra Zebra routing software.
<state>
The state is either "up", or some other arbitrary value, e.g. "down". If the device is not marked "up" the device's configuration
will not be collected. It is highly recommended that comments are made for any router not listed as up, so as to indicate the
reason a router is not to be polled, e.g.:
dial1.paris:cisco:up:
core1.paris:cisco:down:in testing until 5/5/2001.
core2.paris:cisco:ticketed:Ticket 6054234, 5/3/2001
border1.paris:juniper:up:
The script "downreport" in util/ can be used to produce a report of routers in router.db that are not marked "up".
[comments]
Freeform string to describe the current state of the router.
A ``#'' at the beginning of a line is a comment; the entire line is ignored.
If a device is deleted from the router.db file, then rancid will clean up by removing the device's config file from
$BASEDIR/<group>/configs. The device will be removed from the revision control system. It is possible, in most cases, to resurrect or
check-out copies of deleted device configurations.
FILES
$BASEDIR/<group>/router.db
Configuration file described here, where <group> is a device group name defined in the variable LIST_OF_GROUPS within
$BASEDIR/etc/rancid.conf.
SEE ALSO control_rancid(1), rancid(1), rancid.conf(5)
24 April 2011 router.db(5)