01-30-2018 06:51 AM - edited 03-05-2019 09:50 AM
I have a switch outside our firewall open to the Internet. It is a newer 3650 switch. I have an ACL assigned to the vty interface that should restrict management traffic to it. I found it went into quiet mode because someone was doing a dictionary attack against it. The attackers were using http authentication built into the switch for management to launch the attack. I had to turn off http and https server to block them. My question is why was the ACL not blocking this dictionary attack?
01-30-2018 07:00 AM
01-30-2018 07:13 AM
I don't quite follow, Joseph. It was blocking ssh traffic but not port 80 and 443 access.
01-30-2018 08:31 AM
01-30-2018 08:33 AM - edited 01-30-2018 08:34 AM
BTW, some other vendors work differently. One that comes to mind, you apply an ACL to the loopback interface, and it controls what goes to the device's management.
01-30-2018 08:33 AM
01-30-2018 08:35 AM