Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

3500yl - Console not respond - Possible Hack?

Ray Siripan
Occasional Advisor

3500yl - Console not respond - Possible Hack?

Hi,

I could not access the switch using normal telnet, by IP (www) or even serial console port, I got no respond on the serial console port.

The switch still working as it should despite some vlan not working properly.

Is it possible that cause of the problem is a memory full up? or some kind of known issue that might reset the switch to default factory?

Before hard reset, I would like to try normal restart the switch to see if it help, if not then hard reset might be an only option.

I also configured specific IP to be manage and password is very strong and don't think this is an attempt hack, however I might be wrong on this.

Thanks


11 REPLIES
Michael_Breuer
Esteemed Contributor

Re: 3500yl - Console not respond - Possible Hack?

Hi Ray,

what are your serial console settings on your terminal program? Please make sure that you disabled flow control. Are you using autosensing for baud rate (default setting)? My experience is that the connection is more stable if you set a fixed speed on the serial port:
Switch(config)# console baud-rate 9600
(requires reboot)

Cheers,

Michael
Ingentive Networks GmbH
Ray Siripan
Occasional Advisor

Re: 3500yl - Console not respond - Possible Hack?

Thank for the respond,

yes the setting is correct, I have managed to logon to other switch's console with sucess.
Shadow13
Respected Contributor

Re: 3500yl - Console not respond - Possible Hack?

can you please tell me the status of these LEDs Test, Fault and MDI.

Also is there any redundant links?
Michael_Breuer
Esteemed Contributor

Re: 3500yl - Console not respond - Possible Hack?

Hi Ray,

according to Shadow: please check redundant paths and remove if feasible. Also not the LED stae. If this doesn't help the only way is to reset the switch with the reset button. The log file might survive the reboot and you might get some hints in the log file "sh log -a".

Cheers,

Michael
Ingentive Networks GmbH
Ray Siripan
Occasional Advisor

Re: 3500yl - Console not respond - Possible Hack?

is the reset button only restart the switch or wipe out the startup-config as well?

will keep you post about the LED, the switch is on other building :(
Shadow13
Respected Contributor

Re: 3500yl - Console not respond - Possible Hack?

the reset button will only reboot the switch, the configuration will be maintained, if you want to reset to factory default please follow the below settings :
Using the Clear/Reset Buttons

1. Simultaneously press both the Reset and Clear Buttons on the front of the switch.
2. Continue to press the Clear button while releasing the Reset button.
3. When the Self Test LED begins to flash, release the Clear button.

The switch will then complete its self test and begin operating with the configuration restored to the factory default settings.
Paulen
Regular Advisor

Re: 3500yl - Console not respond - Possible Hack?

We have some 5406zl, which is more or less the same switch in modular form. Every now and then it claims that all telnet sessions are busy, even though it has an idle timeout of 5 minutes. When it does this, usually also the console access is blocked(!).

Now - this is a serious flaw that noone seems to have addressed. The only fix for us has been to reboot the switch.

IMHO you ALWAYS should be able to access the console.
Ray Siripan
Occasional Advisor

Re: 3500yl - Console not respond - Possible Hack?

oh dear, not good!,

I'm scheduled to reset the switch today and will keep everyone post.

Shadow13
Respected Contributor

Re: 3500yl - Console not respond - Possible Hack?

regarding the 5400zl please check the links you have and also check the fiber cables and mini-gbics if you have,

also just to determine the status of the switch itself issue the command #show cpu and check the cpu utilization.

Which firmware version you have on the 5400zl ?
abdullah shboull
Frequent Advisor

Re: 3500yl - Console not respond - Possible Hack?

Itâ s too easy, I faced the same problem, you have just keep the console cable connect to the switch and plug out the power cable and you will able again to telnet and to open an hyper terminal again.
Paulen
Regular Advisor

Re: 3500yl - Console not respond - Possible Hack?

Apropos; from the release notes for the 5304 software;

Problems Resolved in Release E.11.07 (Never released).
* Management (PR_0000005902)
The management functionality may become unresponsive, resulting in loss of TELNET, Web Management, and console access response from the
switch.

I bet this is not restricted to the 5304..