nanog mailing list archives

Re: ABOVE.NET SECURITY TRUTHS?

From: "Alec H. Peterson" <ahp () hilander com>
Date: Sat, 29 Apr 2000 09:25:57 -0600


Alexei Roudnev wrote:


Yes.

And (I add) with priv-level.


Or with TACACS+ server-side modifications that allow you to use per-user
enable passwords (it isn't standard with the public domain server, but the
modifications are a piece of cake).


But it's for the work from remote places - I don't thgink you'll use One Time Passwords (at least manually) for the 
every day
configurations...


Don't be too sure; in a former life I did just that and it worked great
(using one-time passwords for enable access).  Sure people complained for a
while, but once everybody gets used to it it's not a big deal.

Alec

-- 
Alec H. Peterson - ahp () hilander com
Staff Scientist
CenterGate Research Group - http://www.centergate.com
"Technology so advanced, even _we_ don't understand it!"

Current thread:

Re: ABOVE.NET SECURITY TRUTHS?, (continued)
- - - Re: ABOVE.NET SECURITY TRUTHS? Kevin Oberman (Apr 29)
  - Re: ABOVE.NET SECURITY TRUTHS? Deepak Jain (Apr 28)
    - Re: ABOVE.NET SECURITY TRUTHS? Joshua Goodall (Apr 29)
    - Re: ABOVE.NET SECURITY TRUTHS? Deepak Jain (Apr 29)
    - RE: ABOVE.NET SECURITY TRUTHS? Roeland Meyer (E-mail) (Apr 29)
    - RE: ABOVE.NET SECURITY TRUTHS? Roeland Meyer (E-mail) (Apr 29)
    - RE: ABOVE.NET SECURITY TRUTHS? Deepak Jain (Apr 29)
  - Re: ABOVE.NET SECURITY TRUTHS? Bora Akyol (Apr 28)
    - Re: ABOVE.NET SECURITY TRUTHS? Austin Schutz (Apr 29)
    - Re: ABOVE.NET SECURITY TRUTHS? Michael Shields (Apr 29)
- Re: ABOVE.NET SECURITY TRUTHS? Alec H. Peterson (Apr 29)
- Re: ABOVE.NET SECURITY TRUTHS? Hank Nussbacher (Apr 30)
- Re: ABOVE.NET SECURITY TRUTHS? Danny McPherson (Apr 30)