Hi, We have recently had a situation at work where changes were made to the network by a user, however it has been verified the user did not have computer access during this time. There are a handful of individuals who have access to the ACS server and looking at the failed attempts logs over time, many of these individuals, including my own passwords are in there as faileded attempts, "Authen failed CS password invalid". Occasionally I will telnet into a switch and latency, solar flares, or me typing too quick will somehow have my password in the username field. I can view the failed attempts and see my password. I'd written this off long ago that its going to happen every few weeks if you telnet into dozens of systems a day. My question is has anyone else ever experienced this problem, and do you have any sites I can reference this problem in? I've found one instance on a Bugtraq mailing list from 5 years ago but nothing recent. I'm sifting through Cisco's site but I can imagine this could reflect negatively on their product and they do not list it. Any help and documentation would be appreciated as I am trying to avoid this happening again. Thanks Will
- posted
17 years ago