Hi,
I have a problem concerning my router. I have heard from a friend
that someone has been able to hack on my cisco 2511 router with
IOS 12.1 and not able to do anything right to prevent it. I have tried
putting access-list so that only specific IP's could telnet my router
remotely yet still I am puzzled as to how they are able to enter into
my system remotely. I think my access list works because when I
telnet my router using ip's not included in my access list . I get
error connection. How do they connect to it. They have crack the
passwords there which said were shadow passwords using special
software, what are shadow passwords in cisco? Is this the 'enable'
password? How can I prevent this?

Here is a portion of my access list:

access-list 150 permit tcp host x.x.x.x any log
access-list 150 permit tcp host x.x.x.x any log
access-list 150 permit tcp host x.x.x.x any log
access-list 150 permit tcp host x.x.x.x any log
access-list 150 permit tcp host x.x.x.x any log
access-list 150 permit tcp host x.x.x.x any log
access-list 150 deny icmp any any

x.x.x.x being the ip address of my LANS.

Hoping someone could help me on this.
Thank you very much.

Raul B.