Got it
Huawei Enterprise Support Community
Community Forums Access Network
Illegal Attacks Cause OLT...

Illegal Attacks Cause OLT Equipment to be Out of Control Highlighted

Latest reply: Nov 14, 2021 09:15:09 1680 126 66 0 0
View the author 1#

Hello,

Today I'm going to share with you when illegal attacks cause OLT equipment to be out of control.


Fault description:


The user remotely logs in to the OLT device and prompts "too many users", and the login cannot be successful.


Troubleshooting process:


1- Use the display client command or the display terminal user online command to view the operating user information. It is found that no other users are online except for the serial port user.

2- Through collecting information, it is found that there are some fixed IPs that keep trying to log in to port 22 of the OLT (SSH uses port 22, Telnet uses port 23, sharing the connection channel, and SSH is recommended). Because these IPs are not owned by the operator, there are viruses. Or the possibility of malicious attacks on the OLT. At the same time, the problem sites of several operators do not have any security measures, ACL/firewall is not configured, and the default password of root has not been modified.

3- When the OLT faces such malicious attacks, if there is no firewall defense, the internal protection of abnormal TCP connections is insufficient. If terminal user 1 just closes the connection, user 2 connects again (thousands of connections in a short period of time can easily reproduce the problem), user 2 and user 1 will be assigned to use the same connection channel, causing user 2 to close the connection abnormally failure. In this way, the conflicts accumulate to a certain extent, and the user cannot log in normally.

4- You can use the existing powerful firewall and ACL rules of the OLT to solve this problem. The command is as follows:


Command:
  firewall enable
          acl 3000
          rule permit tcp source 192.168.109.0 0.0.0.255 destination 192.168.109.100 0
          rule deny tcp source any destination 192.168.253.15 0
          firewall packet-filter 3000 inbound


Problem review: 


If the OLT is running well, simply perform the above configuration; if the OLT site has already displayed the "too many users" prompt and cannot log in, it is recommended to "reset the system first, configure the above ACL, and finally save" "First configure the above ACL, then save, and finally reset the system" steps to troubleshoot.


You are welcome to leave a message and exchange in the comment area. Thank you!

Like (66) Dislike (0) Favorite(0) Share Report
Previous: No Related Alarm Record Is Displayed on the OLT After the ONT Is Reset Because the Equipment Alarm Filtering Is Set on OLT
Next: Huawei DN8245W-10 - an informative product review
(1) (0)
2#
lucian2003
Created Jan 6, 2021 21:53:03

Good post my friend
View more
  • x
  • convention:

wissal
wissal Created Jan 6, 2021 22:02:58 (0) (0)
Thank you so much for your support, dear friend.  
abood_1419
abood_1419 Created Jan 8, 2021 12:42:10 (0) (0)
 
abood_1419
abood_1419 Created Jan 8, 2021 12:43:07 (0) (0)
 
abood_1419
abood_1419 Created Jan 8, 2021 12:45:09 (0) (0)
 
abood_1419
abood_1419 Created Jan 8, 2021 12:45:21 (0) (0)
 
abood_1419
abood_1419 Created Jan 8, 2021 12:46:27 (0) (0)
 
Adriale
Adriale Created Jan 18, 2021 13:39:08 (0) (0)
Good post  
View more replies
(1) (0)
3#
Unicef
MVE Created Jan 6, 2021 22:04:49

Interesting one
View more
  • x
  • convention:

wissal
wissal Created Jan 6, 2021 22:10:21 (0) (0)
Thank you so much for your support, dear friend.  
Unicef
Unicef Reply wissal  Created Jan 6, 2021 22:12:41 (0) (0)
 
lucian2003
lucian2003 Created Jan 8, 2021 12:46:53 (0) (0)
 
Adriale
Adriale Created Jan 18, 2021 19:22:25 (0) (0)
:)  
(1) (0)
4#
LuizPuppin
HCIE Author Created Jan 6, 2021 22:29:21

Excellent. I will share with my clients.
View more
  • x
  • convention:

wissal
wissal Created Jan 6, 2021 22:39:10 (0) (0)
Thank you so much for your support, dear friend.  
(1) (0)
5#
VinceD
Created Jan 6, 2021 22:55:56

very informative my friend.
View more
  • x
  • convention:

wissal
wissal Created Jan 6, 2021 22:59:25 (0) (0)
Thank you so much for your support, dear friend.  
(1) (0)
6#
Chenxintao
Admin Created Jan 7, 2021 00:30:11

very useful content! Illegal Attacks Cause OLT Equipment to be Out of Control-3735443-1
View more
  • x
  • convention:

wissal
wissal Created Jan 7, 2021 05:58:42 (0) (0)
Thank you so much for your support, dear friend.  
(1) (0)
7#
lan2019
Created Jan 7, 2021 01:14:27

Good information my friend
View more
  • x
  • convention:

wissal
wissal Created Jan 7, 2021 05:58:52 (0) (0)
Thank you so much for your support, dear friend.  
(1) (0)
8#
umaryaqub
MVE Created Jan 7, 2021 04:54:05

Thanks for sharing
View more
  • x
  • convention:

wissal
wissal Created Jan 7, 2021 05:59:03 (0) (0)
Thank you so much for your support, dear friend.  
(1) (0)
9#
IndianKid
Author Created Jan 7, 2021 05:39:44

Thanks
View more
  • x
  • convention:

wissal
wissal Created Jan 7, 2021 05:59:13 (0) (0)
Thank you so much for your support, dear friend.  
(1) (0)
10#
little_fish
Admin Created Jan 7, 2021 05:41:50

cool
View more
  • x
  • convention:

wissal
wissal Created Jan 7, 2021 05:59:24 (0) (0)
Thank you so much for your support, dear friend.  
123456
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.