Re: How would you solve this task?

From: Yuri Bank <yuribank_at_gmail.com>
Date: Mon, 8 Aug 2011 18:57:15 -0700

The problem with that assumption is that you're saying any TCP packet
received on port 23 is part of a login attempt. This is not true. Someone
could be port scanning, testing connectivity, etc.

My definition of a login attempt (which I believe is technically correct)
is when someone completes the TCP session and sends a username and password
string, and conforms to the protocol. Unless that happens, it is not a login
attempt.

It's not about being fancy. It's about meeting the requirements of the task,
which the OP did exactly.

-Yuri

On Mon, Aug 8, 2011 at 5:39 PM, Abdullah Al-Malki
<a.almalki1402_at_gmail.com> wrote:

> If it's just about logging attempts, I think you don't need to go fancy and
> configure login on-failure.
> The access list attached to the telnet just needs to be modified to allow
> logging.
>
>
> On Tue, Aug 9, 2011 at 12:11 AM, Scott Morris <swm_at_emanon.com> wrote:
>
> > Two things...
> >
> > 1. The ASET lab may have been written before your solution (very good,
> > by the way) was introduced in IOS being used in the lab!
> >
> > 2. They don't appear to care about success, just the attempts, which may
> > signify a more generic approach like they did.
> >
> > Definitely not as elegant, but may be what's being asked for!
> >
> >
> > *Scott Morris*, CCIE/x4/ (R&S/ISP-Dial/Security/Service Provider) #4713,
> > CCDE #2009::D, JNCIE-M #153, JNCIE-ER #102, CISSP, et al.
> > CCSI #21903, JNCI-M, JNCI-ER
> > swm_at_emanon.com
> >
> > Knowledge is power.
> > Power corrupts.
> > Study hard and be Eeeeviiiil......
> >
> > On 8/8/11 4:03 PM, Daniel Dib wrote:
> > > Hi please advise me on this task. I did an ASET TS lab which seems to be
> > > quite similar to real lab TS. This was one task. How would you configure
> > > the statement below?
> > >
> > > "R19 should be logging all telnet access attempts, successful or not.
> > > Configure R19 as needed such that telnet access is logged."
> > >
> > > The solution guide used an ACL bound to the VTY which logs all traffic
> > > hitting VTY. Sure, this will show if people are trying to telnet but
> > > nothing if session was successful or not. My solution was to use the login
> > > on-failure and login on-success feature. That would probably mean lost
> > > points for me, what do you think?
> > >
> > > Best regards,
> > >
> > > Daniel
> > >
> > >
> > > Blogs and organic groups at http://www.ccie.net
> > >
> > > _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html

Received on Mon Aug 08 2011 - 18:57:15 ART
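
The two approaches debated in this thread, side by side for R19. This is an added example, not configuration posted by any participant or taken from the ASET solution guide; the ACL number 10 and the VTY range 0 4 are assumptions.

```cisco
! --- Approach 1: ACL bound to the VTY lines, with logging -----------------
! Every connection that hits the VTY is logged by source address
! (%SEC-6-IPACCESSLOGS for a standard ACL). A port scan or a connectivity
! test produces an entry too, and nothing records whether a login followed
! or whether it succeeded.
access-list 10 permit any log
!
line vty 0 4
 access-class 10 in
!
! --- Approach 2: IOS login enhancements ------------------------------------
! A syslog message is generated only when a username/password exchange
! actually completes: %SEC_LOGIN-4-LOGIN_FAILED on failure and
! %SEC_LOGIN-5-LOGIN_SUCCESS on success, each with the user and source.
login on-failure log
login on-success log
!
! --- Verification (exec mode) -----------------------------------------------
! show logging          ! ACL hits and SEC_LOGIN messages in the log buffer
! show access-lists 10  ! match counter for the VTY ACL
! show login failures   ! failed attempts recorded by the login enhancements
```

Configuring both gives connection-level and authentication-level records at once, which covers either reading of "telnet access attempts" in the task.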

This archive was generated by hypermail 2.2.0 : Thu Sep 01 2011 - 06:05:56 ART