North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: [Activity logging & archiving tool]
This is not dngerous - I do not expect any idiot, opening SNMP from outside (SNMP is excellent protocol, which can crash ANY device in the world; I crashed 6509 switch and PIX firewall in a few days, when debugged new 'snmpstat' system). And moreover, Cisco allows o lock IP and file name for SNMP/TFTP. On the other hand, using 'expect' is not difficult and is much more flexible. Most problems are with PIX-es with their paranoya, which cause a nececity to know enable password for any simple action... I'll send my old expect script here tomorrow, if someone want (it is not big). New script uses cryptography to remember a passwords, so it became more secure, but idea is the same... ----- Original Message ----- From: "Christopher L. Morrow" <[email protected]> To: "Scott McGrath" <[email protected]> Cc: <[email protected]> Sent: Tuesday, November 25, 2003 1:51 PM Subject: RE: [Activity logging & archiving tool] > > > > On Tue, 25 Nov 2003, Scott McGrath wrote: > > > > > > > CiscoWorks also polls the devices for configuration changes and generates > > a diff if you so desire. If you have set up AAA you will have an audit > > log of when changes were applied and who applied them. > > > > Scott C. McGrath > > I'm fairly certain that the tacacs standard implementations available on > the cisco routers log out changes to the config made by users... That and > a little log parsing magic and you have this data also. Be cautious that > some of the EMS systems will grab configs through snmp WRITE initiated > tftp writes, this could be dangerous if your routers are publicly > accessible :) > > -Chris
|