1. Home
  2. Cisco Systems
  3. Help: Something is telnetting to my Cisco's (Ciscoworks?)

Help: Something is telnetting to my Cisco's (Ciscoworks?)

Hi, I'm getting this error message alot on my Cisco boxes.

2005 Dec 02 09:09:42 %MGMT-6-LOGINPASS:User logged in from 10.x.x.x via Telnet 2005 Dec 02 09:09:46 %MGMT-5-ENABLE_FAIL:User failed to enter enable mode from 10.x.x.x via Telnet - max attempt reached

I have 3 services running on 10.x.x.x. These are

CiscoWorks. What's up Gold. Somix - an MRTG graphing package.

Is there a part of Ciscoworks that telnets to my switches and routers ?

where can I look to solve this ?

Thanks guys in advance.

Genki

Reply to
genki
Loading thread data ...

it is probably your cisco works program thats doing it. first, make sure you have an ACL on your vty lines in the IOS devices

i really dont know what to tell you about Cisco works and where to look though. are you using IDS/IPS'es?

Reply to
John Smith

We don't have the IDS configured and employed yet (doing that this week, they are checkpoint IDS's)

The only thing i can think that is doing it is CiscoWorks, why would it need to telnet to my equipment though, perhaps to pull configs ? Why not tftp. I would love to be able to stop this behavior and get rid of these errors.

I don't think I can really acl out the CiscoWorks box as it needs to get stuff to do it's job. It wouldn't seem like a fix.

Thanks for you reply, appreciate it.

Genki

Reply to
genki

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.