[rancid] Weird commands on Cisco ASA
Michael T. Voity
mvoity at uvm.edu
Thu Aug 30 20:14:35 UTC 2018
Hello,
I have a firewall that has not been updated by rancid for a few days.
Upon investigation I did some testing from the server found this -
Looks like it is adding the command 'rancid' after it logs in.
This is my only device that does it, among the 50+ that rancid is polling.
[rancid at netwatch bin]$ ./clogin <hostname removed>
<hostname removed>
spawn ssh -c aes256-ctr -x -l rancid <hostname removed>
rancid@<hostname removed>'s password:
User rancid logged in to <hostname removed>
Logins over the last 78 days: 6800. Last login: 16:04:41 EDT Aug 30 2018 from <removed>
Failed logins since the last login: 0. Last failed login: 15:20:29 EDT Aug 30 2018 from <removed>
Type help or '?' for a list of available commands.
<hostname removed>> rancid
^
ERROR: % Invalid input detected at '^' marker.
<hostname removed>>
Error: Unrecognized command, check your enable command
rancid
^
ERROR: % Invalid input detected at '^' marker.
<hostname removed>> enable
Password:
Invalid password
Password:
Invalid password
Password:
Invalid password
Access denied.
<hostname removed>> exit
Logoff
Connection to <hostname removed> closed.
[rancid at netwatch bin]$
--
Michael T. Voity
Network Engineer
The University of Vermont
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20180830/a129f126/attachment.html>
More information about the Rancid-discuss
mailing list