Cisco 'rsh' attacks?