MNS-BB Software User Guide
-28-
A 01-01-2001 12:05:52 AM PS:INTRUDER 00:e0:29:6c:a4:fd@port19, packet dropped
A 01-01-2001 12:07:04 AM PS:INTRUDER 00:50:0f:02:33:b6@port17, packet dropped
A 01-01-2001 12:07:16 AM PS:INTRUDER 00:e0:29:2a:f0:3a@port17, packet dropped
A 01-01-2001 12:07:16 AM PS:INTRUDER 00:01:03:e2:27:89@port17, packet dropped
A 01-01-2001 12:07:30 AM PS:INTRUDER 00:e0:29:08:d7:e9@port17, packet dropped
A 01-01-2001 12:07:32 AM PS:INTRUDER 00:10:dc:6e:52:95@port17, packet dropped
A 01-01-2001 12:07:34 AM PS:INTRUDER 00:e0:29:08:d6:43@port17, packet dropped
The above is an example of Multiple Intrusion Log Entries for the Same Port
The log shows the most recent intrusion at the top of the listing. Instead, if the log is filled when the
switch detects a new intrusion, the oldest entry is dropped off the listing and the newest entry appears
at the top of the listing.
6.8.3 CLI: Checking for Intrusions, Listing Intrusion Alerts
The following commands display port status including, whether there are intrusion alerts for any
port(s), a list of the intrusions, and which specific ports had the intrusions.
LE2425A# show log
S Date Time Log Description
A 01-01-2001 12:05:18 AM PS:INTRUDER 00:50:0f:02:33:b6@port17, packet dropped
A 01-01-2001 12:05:26 AM PS:INTRUDER 00:02:b3:1d:05:dc@port17, packet dropped
A 01-01-2001 12:05:36 AM PS:INTRUDER 00:01:03:e2:27:89@port17, packet dropped
A 01-01-2001 12:05:40 AM PS:INTRUDER 00:e0:29:11:1b:af@port17, packet dropped
A 01-01-2001 12:05:44 AM PS:INTRUDER 00:02:b3:64:d8:cf@port17, packet dropped
A 01-01-2001 12:05:44 AM PS:INTRUDER 00:e0:29:09:5d:be@port17, packet dropped
A 01-01-2001 12:05:48 AM PS:INTRUDER 00:02:b3:08:d2:22@port17, packet dropped
A 01-01-2001 12:05:48 AM PS:INTRUDER 00:e0:29:2a:f0:3a@port17, packet dropped
A 01-01-2001 12:05:56 AM PS:INTRUDER 00:10:dc:40:57:95@port17, packet dropped
A 01-01-2001 12:06:02 AM PS:port 18 disabled, INTRUDER 00:e0:29:2a:f1:bd
This log shows the intrusion at the port 17 and 18. You can always clear the log with clear command.
LE2425A# clear log
It clears the complete log.
You can also clear the specific part of the Log.
Syntax: clear log <informational|debug|activity|critical|fatal>
LE2425A# clear log activity
It clears the ‘activity’ log only.
6.9 Web: Viewing and Configuring Port Security
In the web browser interface:
1. Click on the [Configuration]
2. Click on [Port].
3. Click on [Security].
4. Click on [Status] to enable it.
5. Click on any specific port to set ‘Signal’, ‘Action’ and ‘Learn’ status.
6. After you make the desired changes, click on [OK] button.
7. Click [Save] to save the configuration.
6.10 SSL (Secure Sockets Layer)
LE2425A and LEV2525A switches provide remote management through Telnet and Web in clear
text. In other words, Telnet protocol negotiations as well as HTML over HTTP protocol negotiations
that are sent to and from the LE2425A and LEV2525A switches are not encrypted and are vulnerable
to attacks from malicious sources.
The MNS-BB Security Package (Rel2.7.1 onwards) resolved this issue. This package provides Secure
Sockets Layer (SSL) and Transport Layer Security (TLS) that enables the current embedded web
server to be able to handle secure HTTP (HTTPS).
6.10.1 The SSL Protocol
To Next Page
Loading...
