mailing list archives
Re: 3Com switches - undocumented access level.)
From: mesrik () cc jyu fi (Riku Meskanen)
Date: Mon, 11 May 1998 23:31:01 +0300
On Mon, 11 May 1998, Mike Iglesias wrote:
But then some new stuff :)
Q: Right, but how about SuperStack II Switch 1000, does it has
undocumented access level?
A: Yes, try username "monitor", with password "monitor".
The 3 documented logins and passwords on the SuperStack II Switch 1000
are "monitor/monitor", "manager/manager", and "security/security".
monitor has view-only access, while manager and security can change parameters.
Yes this is true, I stand corrected and will promise to try
check documentation in future more carefully.
Why did you think the monitor login was undocumented?
I did not have manuals at home by then. Since the new switches are mostly
installed by our field staff¹ I was not aware of these accounts and
thought they were undocumented.
I had only used the "security" account, making joining ELANs and changing
ports to different VLANs etc. Also the passwords for the other accounts
were not changed :(
Seems, we have yet another important issue to talk on the next meeting.
¹) I work mostly with the ATM backbone devices, routers and unix hosts.
Looking the SuperStack II Switch 3000 10/100 with version information
Hardware Version: 5
Upgradable Software Version: 3.10
Boot Software Version: 2.10
while logged in as "security" and descending to USER ACCESS LEVELS,
LOCAL SECURITY, there is following users and options
Monitor Secure Manager Specialist Security
Console Port Enabled Enabled Enabled Enabled Enabled
Remote Telnet Enabled Enabled Enabled Enabled Enabled
Community-SNMP Enabled Disabled Disabled Disabled Disabled
As the Joao Carlos Mendes Luis <jonny () COE UFRJ BR> and you correctly
The "Specialist" and "Secure Monitor" are not listed in SuperStack II
Switch 3000 10/1000 Users Guide, Document No. DUA1694-2AAA02, May 1997
(Agent Software Version 2.1). But they are enlisted in SuperStack II
Switch ATM OC-3c Module For SuperStack II Switch 1000 and Switch 3000,
Part No. DUA1693-0AAA01, Dec 1996 Appendix B.
The "specialist" or "secure" account does not appear to be let you
in on any password combination I tried, not from console nor from
remote telnet session. I did not found any point where you could
assign password to users "secure" or "specialist", DELETE USERS
option does not provide method to delete these users either.
EDIT USER just lets you edit the user currently logged settings.
The SuperStack II Switch 1000 Release Notes (could not promptly find
the same document for Switch 3000) state in page 7 Documentation Errors
" Admin Default User Not Supported
The default user admin is not supported by agent software version
3.1. Support for this user will be provided by agent software version
3.2 and above."
By reviewing the first code from LS1K3_10.SLX (Switch 1000 image),
see my earlier posts, the admin string is actually in binary
000a6050 656e746c 79206c6f 67676564 20696e00 ently logged in.
000a6060 6d6f6e69 746f7200 6d616e61 67657200 monitor.manager.
000a6070 61646d69 6e007365 63757269 74790000 admin.security..
but as mentioned above it does seem not to work. We have one Switch
1000 in lab running version 3.21 (LS1K3_21.SLX) I will try to check
it tomorrow, the device happens just to be currently offline and
cant be reached from here (at home again) now.
just a bit confusing...
[ This .signature intentionally left blank ]