RE: Locking Cisco Router

["DeGennaro, Gregory" <Gregory_DeGennaro () csaa com>]

Dave,

I may be wrong on this because I have not heard nor research it at Cisco.
> From what I know, it is not possible to totally lock a router down without
password recovery (ctrl-break)unless you implement physical security.
However, remember that no can password recover over the Internet but need
direct access to the router.  Why would you want to stop it because if you
do and you forget your password or whatever, it may be more frustrating and
costly than implementing physical security.

I did a "quick" search and nothing for routers.

Greg

-----Original Message-----
From: matt [mailto:tool8185 () adelphia net]
Sent: Sunday, November 17, 2002 7:34 AM
To: ziggy () one2net co ug; security-basics () securityfocus com
Subject: RE: Locking Cisco Router 


Why would you want to do that?  Is it company owned or privately owned?
If company owned, then if you quit or get fired, only you know the
password to the router itself else the next expert will have to
reconfigure the router changing the bits so that the password no longer
exists creating time...
Now if privately owned, as long as the password is never mentioned to
anyone, there isn't any problems. And what version are you with? 250*,
higher? Lower? from where I can see, your answer is no but I could be
wrong...

-----Original Message-----
From: David Lubowa [mailto:ziggy () one2net co ug] 
Sent: Thursday, November 14, 2002 9:50 AM
To: security-basics () securityfocus com
Subject: Locking Cisco Router 



is it possible to lock a cisco router to a point that even a password
recovery cant work to enter the router.

cheers
David Ziggy Lubowa
Network Engineer
One2net (U)
web: www.one2net.co.ug
Tel: +256 41 345466