[tac_plus] Cisco Nexus Authorization problem

John Fraizer john at op-sec.us
Wed Aug 19 21:23:34 UTC 2015


I'm actually using a modified version of tac_plus internally in our
network. I'm logging to syslog and using log rotate to do rotation. I'm
working on a patch I can release to the public but, I have a lot on my
plate currently and that's on the back burner.

John Fraizer
--Sent from my Android phone.
Please excuse any typos.
On Aug 19, 2015 11:12 AM, <Kevin.Cruse at instinet.com> wrote:

> John
>
> Are you familiar with the logging options with tacplus? I noticed there is
> no 'authentication' log (i was previously using the mavvis version which
> had it). Additionally, the accounting log does not have a rolling date,
> meaning - I would like the log file name to have the date which changes
> daily. ie - accounting.20150820, accounting.20150821, etc. Is there an
> option for this?  I also noticed the accounting log does not show 'failed'
> logins. If i try to login to router with incorrect password it does not get
> logged.
>
>
> Kevin
>
>
>
> [image: Inactive hide details for John Fraizer ---08/17/2015 05:45:49
> PM---On Mon, Aug 17, 2015 at 2:03 PM, <Kevin.Cruse at instinet.com>]John
> Fraizer ---08/17/2015 05:45:49 PM---On Mon, Aug 17, 2015 at 2:03 PM, <
> Kevin.Cruse at instinet.com> wrote: >
>
> From: John Fraizer <john at op-sec.us>
> To: "Kevin.Cruse at Instinet.com" <Kevin.Cruse at instinet.com>,
> Cc: Daniel Schmidt <daniel.schmidt at wyo.gov>, "tac_plus at shrubbery.net" <
> tac_plus at shrubbery.net>
> Date: 08/17/2015 05:45 PM
> Subject: Re: [tac_plus] Cisco Nexus Authorization problem
> ------------------------------
>
>
>
>
> On Mon, Aug 17, 2015 at 2:03 PM, <*Kevin.Cruse at instinet.com*
> <Kevin.Cruse at instinet.com>> wrote:
>
>
>    Just fyi - I've configured the command "#aaa authorization
>    config-commands" as well, for some reason it does not show up in
>    configuration.
>
>
>
> There is some interesting trivia behind that.  "aaa authorization
> config-commands" is the "default" behavior.  BUT, if someone has issued "no
> aaa authorization config-commands" on the device (which also does not show
> up in the config), the behavior changes.  You have to issue "aaa
> authorization config-commands" to reenable the behavior.
>
> You just have to love those hidden gems!
>
> John
>
>
>
> =========================================================================================================
>
>
> *<<<< Disclaimer >>>>*
>
> This message is intended solely for use by the named addressee(s). If you
> receive this transmission in error, please immediately notify the sender
> and destroy this message in its entirety, whether in electronic or hard
> copy format. Any unauthorized use (and reliance thereon), copying,
> disclosure, retention, or distribution of this transmission or the material
> in this transmission is forbidden. We reserve the right to monitor and
> archive electronic communications. This material does not constitute an
> offer or solicitation with respect to the purchase or sale of any security.
> It should not be construed to contain any recommendation regarding any
> security or strategy. Any views expressed are those of the individual
> sender, except where the message states otherwise and the sender is
> authorized to state them to be the views of any such entity. This
> communication is provided on an “as is” basis. It contains material that is
> owned by Instinet Incorporated, its subsidiaries or its or their licensors,
> and may not, in whole or in part, be (i) copied, photocopied or duplicated
> in any form, by any means, or (ii) redistributed, posted, published,
> excerpted, or quoted without Instinet Incorporated's prior written consent.
> Please access the following link for important information and
> instructions:
> http://instinet.com/includes/index.jsp?thePage=/html/le_index.txt
>
> Securities products and services are provided by locally registered
> brokerage subsidiaries of Instinet Incorporated: Instinet Australia Pty
> Limited (ACN: 131 253 686 AFSL No: 327834), regulated by the Australian
> Securities & Investments Commission; Instinet Canada Limited, member
> IIROC/CIPF; Instinet Pacific Limited, authorized and regulated by the
> Securities and Futures Commission of Hong Kong; Instinet Singapore Services
> Private Limited, regulated by the Monetary Authority of Singapore, trading
> member of The Singapore Exchange Securities Trading Private Limited and
> clearing member of The Central Depository (Pte) Limited; and Instinet, LLC,
> member SIPC.
>
>
>
> =========================================================================================================
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20150819/5fb15b4a/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: graycol.gif
Type: image/gif
Size: 105 bytes
Desc: not available
URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20150819/5fb15b4a/attachment.gif>


More information about the tac_plus mailing list