Security Basics mailing list archives
Re: Telnet Security Question for a Router.
From: "Eric Schroeder" <ericschroeder () satel com>
Date: Wed, 11 Dec 2002 13:51:33 -0700
You can run SSH on some Cisco routers, depending on the software you are running. TACACS+ will not cause the telnet session to be encrypted. We use terminal servers that support SSH that are plugged into the console port of the router for some secure customers. Eric "Tony Toni" <tony572000 () hotmail com> 12/10/2002 07:45 PM To: SECURITY-BASICS () SECURITYFOCUS COM cc: Subject: Telnet Security Question for a Router. We were currently wrote up by our external auditors because we use telnet to access all of our routers. In some cases we use a filtered Telnet service...but that is not the normal practice. We are a fairly good size company with about 1000+ routers. I am charged with coordinating a response to the auditors. I know all of the security issues involved with Telnet...ie login id and password sent across the network in clear text, etc. My question: Is it possible to use SSH or CISCO TACACS+ to encrypt the entire Telnet session? Is there a way to ensure no one can sniff the login id and password? The Network Services Group is adamant that neither SSH or CISCO TACACS+ will work on a router to correct the security issue. Tony CIA,CISA,CDP,MBA Security and Audit Services Nations Banking & Trust PS: I have been playing phone tag with the auditor that wrote us up...to see what they recommend...have not reached him yet. _________________________________________________________________ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail
Current thread:
- Telnet Security Question for a Router. Tony Toni (Dec 11)
- Re: Telnet Security Question for a Router. kawaii (Dec 11)
- Re: Telnet Security Question for a Router. Jeremy Anderson (Dec 11)
- Re: Telnet Security Question for a Router. Jill Tovey (Dec 12)
- Re: Telnet Security Question for a Router. Charley Hamilton (Dec 12)
- <Possible follow-ups>
- Re: Telnet Security Question for a Router. Mark Maher (Dec 12)
- RE: Telnet Security Question for a Router. Tim Donahue (Dec 12)
- Re: Telnet Security Question for a Router. Eric Schroeder (Dec 12)
- FW: Telnet Security Question for a Router. Stephen Wilcox (Dec 13)
- Re: Telnet Security Question for a Router. Chris Berry (Dec 13)
- RE: Telnet Security Question for a Router. Stephen Wilcox (Dec 16)
- RE: Telnet Security Question for a Router. d'Ambly, Jeff (Dec 13)