S-242: Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor
Cetrain Cisco Catalyst 6500 Series and Cisco 7600 Router devices that run branches of Cisco IOS based on 12.2 can be vulnerable to a denial of service vulnerability that can prevent any traffic from entering an affected interface. The risk is LOW. Exploitation of this vulnerability may result in a blocked interface input queue, memory leak, and/or restart of the device. Repeated exploitation of this vulnerability may result in an extended denial of service.
I'm trying to write a login script to ssh into a cisco switch that will run some command remotely. Similar to this expect script located here:
SSH login expect shell script to supply username and password
However, that script does not work with cisco ios. Anyway know what the best way to... (1 Reply)
Hi all, This will save me a tremendous amount of time if i can get this script working. I have alot of sites i need to connect to using cisco vpn and then ssh onto servers to retrieve some info. Its all repetitative and it needs scripted.
what i have done so far is put this into a script.
... (0 Replies)
Who in the 64 ubuntu adopted cisco vpn client on the wireless network
I downloaded the cisco vpn client for linux but run vpn_install make file when an error in cisco with the help of the document read in half a day, nor do I know this vpn client in the 64 systems in use.
Who can help me, a... (1 Reply)
Hello all
Are you familiar with Patrol 3.5 software ?
If so , I would like to know if in Patrol logs , we could find users' history ?
Thank you (0 Replies)
rancid(1) General Commands Manual rancid(1)NAME
rancid - Cisco configuration filter
SYNOPSIS
rancid [-dlV] (-f filename | hostname)
DESCRIPTION
rancid is a perl(1) script which uses the login scripts (see clogin(1)) to login to a device, execute commands to display the
configuration, etc, then filters the output for formatting, security, and so on. rancid's product is a file with the name of it's last
argument plus the suffix .new. For example, hostname.new.
There are complementary scripts for other platforms and/or manufacturers that are supported by rancid(1). Briefly, these are:
agmrancid Cisco Anomaly Guard Module (AGM)
arancid Alteon WebOS switches
arrancid Arista Networks devices
brancid Bay Networks (nortel)
cat5rancid Cisco catalyst switches
cssrancid Cisco content services switches
erancid ADC-kentrox EZ-T3 mux
f10rancid Force10
f5rancid F5 BigIPs
fnrancid Fortinet Firewalls
francid Foundry and HP procurve OEMs of Foundry
hrancid HP Procurve Switches
htranicd Hitachi Routers
jerancid Juniper Networks E-series
jrancid Juniper Networks
mrancid MRTd
mrvrancid MRV optical switches
mtrancid Mikrotik routesrs
nrancid Netscreen firewalls
nsrancid Netscaler
nxrancid Cisco Nexus boxes
prancid Procket Networks
rivrancid Riverstone
rrancid Redback
srancid SMC switch (some Dell OEMs)
trancid Netopia sDSL/T1 routers
tntrancid Lucent TNT
xrancid Extreme switches
xrrancid Cisco IOS-XR boxes
zrancid Zebra routing software
The command-line options are as follows:
-V Prints package name and version strings.
-d Display debugging information.
-l Display somewhat less debugging information.
-f rancid should interpret the next argument as a filename which contains the output it would normally collect from the device (
hostname) with clogin(1).
SEE ALSO control_rancid(1), clogin(1), rancid.conf(5)CAVEATS
Cisco IOS offers a DHCP server that maintains a text database which can be stored remotely or on local storage. If stored locally, the
file changes constantly and causes constant diffs from rancid. If this file's name ('ip dhcp database') matches the regex
dhcp_[^[:space:].].txt, it will be filtered.
For Catalyst switches running CatOS, type cat5, the prompt must end with '>'. clogin(1) looks for '>' to determine when a login is
successful. For example:
cat5k>
cat5k> enable
Password:
cat5k> (enable)
rancid works on Cisco Catalyst 1900 series switches that are running Enterprise Edition software. This software provides a menu at
connection time that allows a command line interface to be used by entering 'K' at the prompt.
26 April 2011 rancid(1)