My unit seems to crash upon execution of the script and took me a while to narrow down the culprit as being the execution of a "show cmd".
Here's a "show version" of the victim ( bold the ASA code version at top )
asaken> show ver
Cisco Adaptive Security Appliance Software Version 9.1(1)4
Device Manager Version 7.1(2)
Compiled on Wed 13-Mar-13 07:45 by builders
System image file is "disk0:/asa911-4-k8.bin"
Config file at boot was "startup-config"
asaken up 2 mins 23 secs
Hardware:
ASA5505, 256 MB RAM, CPU Geode 500 MHz,
Internal ATA Compact Flash, 128MB
BIOS Flash M50FW080 @ 0xfff00000, 1024KB
Encryption hardware device : Cisco ASA-5505 on-board
accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode : CNLite-MC-SSLm-PLUS-2.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.08
Number of accelerators: 1
0: Int:
Internal-Data0/0 :
address is 001f.caf3.2111, irq 11
1: Ext:
Ethernet0/0 : address is
001f.caf3.2109, irq 255
2: Ext:
Ethernet0/1 : address is
001f.caf3.210a, irq 255
3: Ext:
Ethernet0/2
: address is
001f.caf3.210b, irq 255
4: Ext:
Ethernet0/3 : address is
001f.caf3.210c, irq 255
5: Ext:
Ethernet0/4 : address is
001f.caf3.210d, irq 255
6: Ext:
Ethernet0/5 : address is
001f.caf3.210e, irq 255
7: Ext:
Ethernet0/6 : address is
001f.caf3.210f, irq 255
8: Ext:
Ethernet0/7 : address is
001f.caf3.2110, irq 255
9: Int:
Internal-Data0/1 :
address is 0000.0003.0002, irq 255
10: Int: Not used
: irq 255
11: Int: Not used
: irq 255
Licensed features for this platform:
Maximum Physical Interfaces : 8
perpetual
VLANs
: 3
DMZ Restricted
Dual ISPs
: Disabled
perpetual
VLAN Trunk Ports
:
0
perpetual
Inside Hosts
: 10
perpetual
Failover
: Disabled
perpetual
Encryption-DES
: Enabled perpetual
Encryption-3DES-AES
: Enabled perpetual
AnyConnect Premium Peers : 2
perpetual
AnyConnect Essentials
: Disabled perpetual
Other VPN Peers
: 10
perpetual
Total VPN Peers
: 12
perpetual
Shared License
: Disabled perpetual
AnyConnect for Mobile
: Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions :
2
perpetual
Total UC Proxy Sessions :
2
perpetual
Botnet Traffic Filter
: Disabled perpetual
Intercompany Media Engine : Disabled perpetual
Cluster
: Disabled
perpetual
This platform has a Base license.
Serial Number: JMX1215Z145
Running Permanent Activation Key: 0x65285667 0x9c212c13
0x7c505978 0xbaecc4d4 0xc231aa90
Configuration register is 0x1
Configuration has not been modified since last system
restart.
asaken> en
Password: *************
And here's the show inventory command options, if you specify a slot it works but if you don't , it crashes and burn. ( god you have to love software developers no adays )
I'm going to downgrade back one rev to see if the problem still exist. Nothing interesting flashed on console or log, with the exception of a ssh cpu task ran for xxxxx msec.
The ASA just plain hangs, and then reboots. Nice!
Ken Felix
Freelance Security/Network Engineer
kfelix ---a-t--- hyperfeed ---d-o-t-com
The ASA just plain hangs, and then reboots. Nice!
Ken Felix
Freelance Security/Network Engineer
kfelix ---a-t--- hyperfeed ---d-o-t-com
No comments:
Post a Comment