Support Support Downloads Knowledge Base Service Request Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

Deleting Management Login Sessions

0

0

Article ID: KB6475 KB Last Updated: 02 Jul 2010Version: 3.0
Summary:
Deleting Management Login Sessions
Symptoms:
Current Logins Administrators List of All Current Login Sessions Stale unused management login sessions to the NetScreen Old login sessions that aren't being used, but still show as current Sockets may be cleared via telnet, SCS, or serial console connections
Solution:

This solution applies to ScreenOS 4.0.0 and higher:

To clean out old login sessions, that are not in use anymore, you will have to delete the socket associated with that stale login session.

Example:  Assume we have the following, using get socket command:

ns5xt-> get socket
 Socket  Type   State      Remote IP         Port    Local IP         Port
      0  tcp    listen     0.0.0.0              0    0.0.0.0            23
      2  tcp    listen     0.0.0.0              0    0.0.0.0           443
      3  tcp    listen     0.0.0.0              0    0.0.0.0            22
      8  tcp    listen     0.0.0.0              0    0.0.0.0          8080
     22  tcp    open       10.251.7.53       2654    10.251.7.49        23
     28  tcp    open       10.251.7.53       2660    10.251.7.49        22
     64  udp    close      0.0.0.0              0    0.0.0.0           520
     65  udp    close      0.0.0.0              0    0.0.0.0           161
     66  udp    close      0.0.0.0              0    0.0.0.0            67
     67  udp    close      0.0.0.0              0    0.0.0.0           500
     68  udp    close      0.0.0.0              0    0.0.0.0          5001
     69  udp    close      0.0.0.0              0    0.0.0.0             0

Assume the telnet session is the one that isn't really being used, and we wish to delete it.  You will have to delete socket 22.  This is done by the following command:

clear socket id 22

Here is the problem or goal:

  • Stale unused management login sessions to the NetScreen
  • Old login sessions that aren't being used, but still show as current
  • Delete login sessions

Problem Environment:

  • Current Logins
  • Administrators List of All Current Login Sessions

Additional Information:

Sockets may be cleared via telnet, SCS, or serial console connections

Applicable Products:

  • NetScreen-5XP
  • NetScreen-5XT
  • NetScreen-25
  • NetScreen-50
  • NetScreen-100
  • NetScreen-204
  • NetScreen-208
  • NetScreen- 500
  • NetScreen-5200
  • NetScreen-5400

Applicable ScreenOS:

  • 4.0.0
  • 4.0.0-DIAL
  • 4.0.0-DIAL2
  • 4.0.1
  • 4.0.2
  • 4.0.3


Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Security Alerts and Vulnerabilities

Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search