Network Analysis Module SNMP Spoofing

I had a question about the recent NAM
vulnerability advisory for the Cat 6000,6500s. I am running OS v7.6(5).
Do I have to worry?
Thanks for your help.
-B

I hope the following link will guide you
http://www.cisco.com/en/US/products/sw/custcosw/ps1973/products_feature_guide_chapter09186a00803b7ddb.html

Similar Messages

  • Network Analysis Module - Capture File Download

    Hello,
    we have
    NAM Moduels Network Analysis Module 3 WS-SVC-NAM-3-K9
    installed in
    6506-E
    software version 6.0
    We have generated some Capture files, that we now would like to Download at once. Not by clicking each file and make a single download.
    There are some 2000 files, thats why :-)
    Does anyone have an idea how to do that? Is there any direct access to the internal Hard Drive? I could not find anything in CLI or GUI Guides.
    Thanks

    I attached a file with the 6509 config, sh snmp user and sh snmp result.
    When I go to :
    Setup > Managed Device > Device Information
    I've got :
    Access to the managed device failed. This may be due to
          1. Incorrect managed device IP address.
          2. Incorrect managed SNMP community string.
          3. The managed device's SNMP access control list is enabled.
    If the managed device's IP address or community string is incorrect, please use the input
    fields below to set the correct IP address and SNMP read-write community string.
    Otherwise, check if your managed device's SNMP access control list is enabled
    and make sure that the NAM's IP address shown in the Test popup
    window is included in the access control list.
    I've got this result when I test SNMP connectivity on the 2220. I tested snmpv3 with authpriv, authnopriv, noauthnopriv.
    Test Connectivity :
    SNMP read from managed device:     Failed    
    SNMP write from managed device:     Failed
    So I was thinking at some small license requirement for SNMPv3 as no packet were transmitted from the 2220. Unlike in SNMPv1 where I could capture the management packet.

  • Network Analysis Module (NAM) port-adapter not collect data

    Hi,
    i have an issue for collect data on adapter 1, that don´t collect data but see that adapter 2 if collect data on module 4.
    monitor session 1 source vlan 102 rx
    monitor session 1 destination analysis-module 4 data-port 1
    monitor session 2 source vlan 106 rx
    monitor session 2 destination analysis-module 4 data-port 2
    I reconfigured newly monitor and continues with that issue. Always ok by data-port 2.
    - show version Cisco 6513
    Cisco IOS Software, s72033_rp Software (s72033_rp-ADVENTERPRISEK9_WAN-M), Version 12.2(33)SXH7, RELEASE SOFTWARE (fc3)
    . show version NAM
    NAM application image version: 3.5(1b)
    - sh module
    Ports Card Type                              Model           
    8  Network Analysis Module                WS-SVC-NAM-2
    Hw    Fw           Sw           Status
       2.0   7.2(1)       3.5(1b)      Ok
    Any idea or cuestion?

    Hi,
    I see web GUI that is active 2 monitor session with Destination Module 4.
    Active SPAN Sessions
    Monitor Session
    Type
    Source - Direction
    Dest. Port
    Dest. Module
    Status     
    1
    vlan
    (106) - Rx
    4/7
    4 (local)
    active
    2
    vlan
    (102) - Rx
    4/8
    4 (local)
    active
    Select a SPAN session, then take an action
    Create
    Save
    Add Dest. Port 1
    Add Dest. Port 2
    Edit
    Delete
    But don´t see data about DATA PORT 1, but if see data about DATA PORT 2
    Data Source:
    Most Active Applications (bytes/sec)         No data available
    Most Active Hosts (output bytes/sec)Total hosts      90 (Network)   No data available
    Protocol Suites No data available
    Server Response Times (msec)          No data available
    Any ideas?

  • Cisco Prime Network Analysis Module (NAM) 5.1

    Hi I have NAM-2 with software version 4.2 installed in my network and i am making very good use of these module for troublshooting,
    I can run multiple captures files at local disk simultaneously and i can decode real time any capture file which is running.
    I want to clarify following things,
    I upgraded one of my NAM2 from 4.2 to 5.1 but i see following differences,
    I cannnot do multiple captures at local disk simultaneously. it is not allowing me to create 2nd capture at localdisk while one is already running while in 4.2 version i can run multiple captures to local disk.
    Its mean if i have 40G local disk, it's mean, it become reserved for one capture untill i stop and save there,
    Also i cannot decode running capture file real time untill i stop.
    I would apprecite if someone can clarify, whether it was enhancement in NAM 5.1?
    Configuring Capture Sessions
    You can create up to ten capture sessions, and only one capture session per disk (local or external).
    http://www.cisco.com/en/US/docs/net_mgmt/network_analysis_module_software/5.0_1_T/user/guide/capting.html#wp1252570

    NAM 5.x removes the ability to perform multiple captures to a single local disk because that results in unreliable capture behavior (packets may or may not be dropped depending on whether the disk can keep up with the data rate).
    You should still be able to decode memory captures while running. For disk captures, the capture file must not be in use (i.e., for a multi-file capture, you can decode any file other than the one currently being written to).

  • Install and configure Cisco Network Analysis Module NAM-2

    Hi,
    Does anyone have a step-by-step document on how to install and configure Cisco NAM-2 module ?
    Thanks in advance.
    Regards,
    Lamine

    Hi Lamine,
    The official installation guides for NAM software can be found here:
    http://www.cisco.com/en/US/products/sw/cscowork/ps5401/prod_installation_guides_list.html
    Is this what you are looking for?
    Cheers,
    Shane

  • Network Analysis Module (NAM) appliance 2220 version 5.0.1 and SNMPv3

    Hello,
    Is there some patch requirement for SNMPv3 on the NAM appliance ?
    I tried to do SNMPv1 on a 6509 with VSS it works fine and I could capture the packet of the SNMP request.
    If I tried to move to SNMPv3, the communication failed and there is no SNMP packets transmitted from the NAM.
    I was wondering if there is a patch requirement for the SNMPv3 (as for SSL or HTTPS)  ?
    Kind regards
    Charles

    I attached a file with the 6509 config, sh snmp user and sh snmp result.
    When I go to :
    Setup > Managed Device > Device Information
    I've got :
    Access to the managed device failed. This may be due to
          1. Incorrect managed device IP address.
          2. Incorrect managed SNMP community string.
          3. The managed device's SNMP access control list is enabled.
    If the managed device's IP address or community string is incorrect, please use the input
    fields below to set the correct IP address and SNMP read-write community string.
    Otherwise, check if your managed device's SNMP access control list is enabled
    and make sure that the NAM's IP address shown in the Test popup
    window is included in the access control list.
    I've got this result when I test SNMP connectivity on the 2220. I tested snmpv3 with authpriv, authnopriv, noauthnopriv.
    Test Connectivity :
    SNMP read from managed device:     Failed    
    SNMP write from managed device:     Failed
    So I was thinking at some small license requirement for SNMPv3 as no packet were transmitted from the 2220. Unlike in SNMPv1 where I could capture the management packet.

  • Tac_Plus (open source TACACS+ server) and NAM (Network Analysis Module)

    I am trying to setup our cisco NAM's to authenticate against our open source tac_plus server.  I see traffic on port 49 between the NAM and server but I keep on getting an invalid username/password error.  I do not see any invalid logon attemps in our tacacs log.
    The tacacs server running and I am able to authenticate against it when I am logging onto our routers and switches.  I have created the following group for NAM authentication on the server ("namuser" is able to log onto our routers/switches):
    group = nam {
    cmd = web { permit capture
    permit system
    permit collection
    permit account
    permit alarm
    permit view }
    user = namuser {
    member = nam
    login = pam tac_plus

    switch config
    aaa new-model
    aaa authentication username-prompt login:
    aaa authentication login default group tacacs+ local
    aaa authentication enable default group tacacs+ enable
    aaa authorization commands 15 default group tacacs+ local
    tacacs-server host x.x.x.x
    tacacs-server directed-request
    tacacs-server key ********

  • NAM(Network Analysis Module) Question

    I have NAM-2(3.3.1 with patch 3.3.1)
    I just installed NAM in Cat6509. and then monitiring.
    I had configured SPAN(both and rx) to redirect whole traffic from cat6500 to NAM.
    At this time, I didn't configure about Valns. Because, i know the the NAM(3.3.1 later) can gather whole valn in the Supervisor Engine whthout any configuration about Vlan.
    I tried to watch the status of Vlans in the NAM's webpage menu. But i only can see one vlan. i couldn't see rest of them.
    the web page told me "No data available".
    How can i see rest of vlans?
    Thank you...

    Have you enabled the collections for your span source under Setup->Monitor screen in the NAM Web GUI?

  • Cisco Network Analysis Module (NAM) data monitoring port

    Hi, need some insight on this please.  Your comments are appreciated.
    My Cisco NAM 2220 comes with 10G data monitoring port, can I configure an IP address on this port for data monitoring?
    or this data port can only support monitirong span, rspan, ersapn, vacl only (not for IP routing) and needs to be functioning in a promiscuous mode only?
    Many thanks
    Joe

    Hi Lamine,
    The official installation guides for NAM software can be found here:
    http://www.cisco.com/en/US/products/sw/cscowork/ps5401/prod_installation_guides_list.html
    Is this what you are looking for?
    Cheers,
    Shane

  • How to store the data coming from network analyser into a text or excel file

    Hii everyone
    I'm using Agilent 8719ET network analyser and wish to store the data coming from netowrk analyser into a text file/ excel file.
    Presently I'm able to get the data on Labview graph using GPIB . Can anyone suggest how to go ahead after collect data sub vi. How can the data be stored into a file apart from showing on the graph?
    Attached is the vi for kind consideration...
    Looking for help
    Regards
    Rohit
    Attachments:
    Agilent 87XX Series Exceed Max Meas.vi ‏43 KB

    First let me say that your code really looks pretty good. The data handling could be made more efficient by calculating the number of datapoints that are going to be in the completed dataset and preallocating the entire array -- but depending upon your answer to my questions, the logic in the lower shift register may be going away - so we won't worry about that right now.
    The thing I need to know before addressing the data storage question is: Each time you call "Collect and Display Data.vi", how many element are in the array? Are you reading single data points, or a group of data? (BTW: if the answer to that question is obvious based on the way the other VIs are setup, I don't have the drivers so I can't tell what the setup values are.) Second, how fast does the loop iterate? Are we talking msec per loop?, seconds? fortnights?
    The issues here are two-fold: how much data? and how fast is it coming? The answer to these will tell you how to save the data.
    Mike...
    Certified Professional Instructor
    Certified LabVIEW Architect
    LabVIEW Champion
    "... after all, He's not a tame lion..."
    Be thinking ahead and mark your dance card for NI Week 2015 now: TS 6139 - Object Oriented First Steps

  • Daisy Chain cFP-1808 Network interface module

    Hello,
    I am trying to find some documententaion that explains how to Daisy Chain 2 NI cFP-1808, which is Network interface modules for the Compact Fieldpoint platform. http://sine.ni.com/nips/cds/view/p/lang/en/nid/202210
    I am also trying to find out what are the performance hits when adding 1 or more cFP-1808 to a system.
    Also has anybody had experience doing this and what did you observe?
    Thanks
    Dan

    Use an ethernet switch to connect as much as you want.
    The filedpoint system is low-speed I/O with 10Mbit ethernet you should see no performance hit imho.
    André
    Regards,
    André
    Using whatever version of LV the customer requires. (LV5.1-LV2012) (www.carya.nl)

  • Anyconnect Secure Mobility Client, Network Access Module, wired PEAP

    Hello there,
    I am testing AnyConnect Secure Mobility Client, Network Access Module as supplicant with PEAP authentication for wired network users. With default configuration it is working well.  With default configuration it is Trusting any Root CA certificates installed on the OS.  Do you know how to configure NAM that it will validate ACS certificate with specific Root CA Certificate ?
    In Network Access Module profile editor it has two options about Certificates:
    One is Certificate Trusted Authority which has two options by its self  first is too trust any Root CA certificate that is installed on OS, and second is to import Root CA certificate in Profile. Potentially Second option can help in my case, I can manually import Root CA certificates in each profile. But I think it will be hard to update Root CA certificates in future  in that way.
    Second is Certificate Trusted Server Rules,  this option have matching capability by certificate Common Name.  For what can be used this option ?

    Normally the way it works is that you set up your Enterprise Root CA, and then have it issue a certifcate for the AAA server (ie ACS, ISE, etc). You then install this certificate on the AAA server and (in an Active Directory environment) add the Root CA certificate to the client systems local certificate store. What that means is that any certificates (such as the one installed on the AAA server) that are presented to the client that are signed by the root are automatically trusted.
    Server validation is an extra step in terms of proving the identity of the AAA server to the authenticating client. As such, when you build the policy in the NAM editor, it would look similar to the image below:
    I like to use the CN (Common Name) as the match criteria and build my CA issuance policy to always include the FQDN in the certificate for identity purposes.
    Hope this helps!

  • Premiere Pro CC - Content analysis modules (French)

    Hi,
    from the moment I updated to Premiere pro CC (on windows 7 64 bit), the content analysis module for French has been unavailable. I have downloaded it again for the latest version (which mentions compatibility for both CS6 and CC versions) and reinstalled it, but no change. I can't select this option. I have tried several things and found the folder in common files, but it is called CS6, maybe that's a clue to why it is broken.
    Anyway I urgently need this option for a very talky group of videos I have to edit and am desperate to have it working. And by the way it is broken in Prelude too, of course.
    Thank you for your feedback.
    David

    I did the same and it worked. There are three folders under CS6, fr_CA, fr_FR, and support. I copied the two fr folders to the 4.0 folder because there is already a support folder there and i didnt want to mess it up. It looks like the 4.0 is for the US speech engine. I guess even the big boys can sometimes dodo.

  • Network Analysis withinCost & "traction zone" or  isochrones

    Hello
    The Pro Oracle Spatial book mentions in Chapter 10 the use of "traction zone" polygon and/or isochrones, based on the results (Nodes/endpoints) of the withinCost network analysis.
    My questions:
    1. How should these polygons be created (based on voronoi?)?
    2. Has anybody implemented the creation of isochrones already in Oracle spatial( java/ pl-sql)?
    3. Is this planned in later releases?
    Any info would be appreciated?
    tx
    Luc

    Either this is a little weird or I'm looking at the wrong place. If I do a show statistics virtual-sensor I seem to be getting some hits on different sigs:
    Per-Signature SigEvent count since reset
                Sig 6403.1 = 6
                Sig 6409.1 = 17
                Sig 6409.2 = 2
                Sig 20059.1 = 1453
                Sig 21619.1 = 2
                Sig 23782.2 = 2
                Sig 30260.1 = 3
    However If I go to the IDM, Monitoring, Events, Event Viewer all I see is health messages from the sensor itself, not signatures.
    Any ideas? Thanks.

  • How can I acquire trace data from Agilent(HP)8510c Network Analyser in VB6 using PCI-GPIB and NI-488.2.

    I am developing an application in VB6 for measurements with Agilent (HP)8510C network Analyser using NI-488.2 and National Instrument PCI-GPIB card. I want to take data for the whole 51 points. In HPBASIC which used to be employed for this purpose it is done using OUTPDATA command and the data is in a 2-dimensional array. How can I do this in VB6 with the hardware above.
    kapil

    Hi Kapil:
    Please refer to a previous post on the same topic:
    http://forums.ni.com/ni/board/message?board.id=140&message.id=7758#M7758
    Although this is for C++, the basic functionality should be the same. Since OUTPDATA is from a specific instrument driver, your best bet will be comparing it to the instrument drivers mentioned in the previous post.
    Thank you,
    Emilie S.
    National Instruments
    Applications Engineer

Maybe you are looking for

  • Error after Deploying a .ear File

    Hi, I have deployed an .ear file on the SAP J2EE engine 6.20 on EP6.0 sp2. When I access one of the JSP's, I am getting a NoClassDefFound exception even though the particular jar (xml-apis.jar) file containing the class is in the additional-lib direc

  • Chinese Character in PDF format for Oracle Reports 11g

    Hello Everyone, Currently we have a Report that need to be display chinese character in PDF format. We followed the steps specified in the "Oralce Fusion Middleware Publishing Reports to the Web with Oracle Reports Services" documentation but things

  • Looping in smart forms

    HI EXperts,                    I have a problem in Samrt forms. Can anyone tell me what's the answer of that loop at lt_price1 to ls_price1            """"Table that contains material no...    like 8646,8647,8648,8646,8646    loop at lt_price1 to ls_

  • HT204150 I updated my iPhone with the new iOS6 & ALL my contacts were deleted! WTH?

    I recently updated my iPhone with the iOS6 update & all of my CONTACTS have been deleted? What gives?

  • Power button not responding, can't login

    I have a late model 15" macbook pro with Retina display. Periodically the computer will lock up when I open the cover. It is displaying the login screen and will allow me to type in my password but then nothing happens. The main issue however is that