From: andy lennon (alennon_uk@xxxxxxxxx)
Date: Fri Aug 31 2001 - 19:08:45 GMT-3
Kinton,
It will if all of your vty lines get left in a connected state and
remotely disconnected. Exec-timeout 0 0 will never timeout, leaving you
open to a dos attack.
Try exec-t 15 0
For a 15 min kickout,
Better still, tie vty 4 to a NOC address via an access-class, for a
secure way in.
Regs,
Andy
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Kinton Connelly
Sent: 29 August 2001 01:54
To: Martyniak, James; CCIELAB (E-mail)
Subject: Re: Funny/Stupid
It was fear of just this sort of problem that drove me to change from
using
"no exec-t" to using "exec-t 0 0" - it's a keystroke or two more, but a
fat-finger won't lock you out of the router. :-)
Kinton
CCIE #5867
At 8/28/01, Martyniak, James wrote:
>My lab is at work. Working on the lab from home I type my default
config in
>notepad including:
>
>line con 0
> no exec (meaning no exec-timeout)
>
>I try to shortcut things to much sometimes! With no remote power cycle,
I am
>on my way to work to 0x2142 my routers!
>
>Jimmy Martyniak
>Network Engineer
>University of Pennsylvania Health System
>(215)662-6243
>**Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:32:01 GMT-3