I found the other night that on an ASA I was working with I could type login while in unprivileged mode and re-enter the same credentials I had just entered to login to the box (via SSH) to get myself into enable mode without ever having typed the word enable or without knowing the enable password.
Can someone explain this to me? Is it because my user has a privilege level of 15? What should my user level be set to? Why does the login command exist? has this always been the case or is it new with ASA 7.x/8.x code?
How can I disable this functionality so one has to type enable and know the enable password?
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...