Fabric OS Administrator’s Guide 129
53-1001763-02
Telnet protocol 6
Attributes that are specific to each logical switch belong to the switch category. These attributes are
available in the Virtual Fabrics context and not available in the Chassis context.
Attributes that are common across the logical switches belong to the chassis level. These attributes
are accessible to users having the chassis-role permission. When a chassis table is queried the
context is set to chassis context, if the user has the chassis-role permission. The context is
switched back to the original context after the operation is performed.

The security level

Use the snmpConfig --set seclevel command to set the security level. For more information about
using the Brocade SNMP agent, see the Fabric OS MIB Reference.

The snmpConfig command

Use the snmpConfig --set command to change either the SNMPv3 or SNMPv1 configuration. You
can also change access control, MIB capability, and system group.
For details on Brocade MIB files, naming conventions, loading instructions, and information about
using the Brocade SNMP agent, see the Fabric OS MIB Reference.

Telnet protocol

Telnet is enabled by default. To prevent passing clear text passwords over the network when
connecting to the switch, you can block the Telnet protocol using an IP Filter policy. For more
information on IP Filter policies, refer to “IP Filter policy” on page 153.
ATTENTION
Before blocking Telnet, make sure you have an alternate method of establishing a connection with
the switch.

Blocking Telnet

If you create a new policy using commands with just one rule, all the missing rules have an implicit
deny and you lose all IP access to the switch, including Telnet, SSH, and management ports.
1. Connect to the switch and log in as admin.
2. Clone the default policy by typing the ipFilter --clone command.
switch:admin> ipfilter --clone BlockTelnet -from default_ipv4
3. Save the new policy by typing the ipFilter --save command.
switch:admin> ipfilter --save BlockTelnet
4. Verify the new policy exists by typing the ipFilter --show command.
switch:admin> ipfilter --show
5. Add a rule to the policy, by typing the ipFilter --addrule command.
switch:admin> ipfilter --addrule BlockTelnet -rule 1 -sip any -dp 23 -proto
tcp -act deny