HPE Community
HPE Aruba Networking & ProVision-based
1834495 Members
3053 Online
110067 Solutions
New Discussion

HP Procurve Security problems

 
pepinpepe
Occasional Advisor

‎08-12-2014 02:56 PM

‎08-12-2014 02:56 PM

HP Procurve Security problems

Hello,

 

HP Procurve 2610 and 2910

 

We found two switches with differents password and we had to use the front panel to reset. When I could connect to the console I have been reviewing the configuration and I have some questions that perhaps someone could answer me:

 
1. In the logs I can´t see anything but the truth is that with normal passwords I couldn´t connect to them. Do you know if there is a method to change this passwords, I mean some vulnerabilities or well known passwords? The switches are HP 2610 alg and HP2910 procurve and the software versión W.14.03.
2. Do you know if there are some directories to find more logs appart from "show events"?
3. Two of them (HP Procurve 2910) are stacked. In one of them, the member, I have found the command "ip address dhcp-bootp" in the vlan1 which is not in the commander. Now I have disabled the ip configuration (any switch have IP because I have physical access to them). Do you know if this command is enabled by default, otherwise how is possible to know when it was introduced? Is possible with IP configuration disabled and this command in the running config to get an IP address and to Access remotely to the switch? Before, the switch had a static IP address and I think this command too, is possible that the switch in one momment had two ip addresses? In this case, the second assigned by dhcp let someone to Access without password?
4. dhcp-relay is enabled in switches by default. Is it necessary and can be used in a bad way?
5. I want to make this configuration:
 
Only Access by physical Access, by console but sending logs to a syslog server. Is this possible without IP configuration? If I have to set up an IP configuration to send the logs, how I can do it to have only Access by console (services that I have to disable, minum running-configuration).
 
6. Today something stranged happened. I connected to master switch 2910 by console and it asked me for the password. After, I connected to member switch 2910 and it didn´t asked me for password. Is this normal because they are staked or by there is a session timer for the hyperterminal?
 
Thanks very much.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.