Re: Telnet Security Question for a Router.

["Jill Tovey" <jill.tovey () bigbluedoor com>]

Hi Toni,

This page should help you:
http://www.cisco.com/en/US/tech/tk648/tk367/tech_configuration_examples_list
.html

Kind Regards,

Jill Tovey

----- Original Message -----
From: "Tony Toni" <tony572000 () hotmail com>
To: <SECURITY-BASICS () SECURITYFOCUS COM>
Sent: Wednesday, December 11, 2002 2:45 AM
Subject: Telnet Security Question for a Router.


> We were currently wrote up by our external auditors because we use telnet
to
> access all of our routers.  In some cases we use a filtered Telnet
> service...but that is not the normal practice.  We are a fairly good size
> company with about 1000+ routers.
>
> I am charged with coordinating a response to the auditors.   I know all of
> the security issues involved with Telnet...ie login id and password sent
> across the network in clear text, etc.   My question:   Is it possible to
> use SSH or CISCO TACACS+ to encrypt the entire Telnet session?  Is there a
> way to ensure no one can sniff the login id and password?   The Network
> Services Group is adamant that neither SSH or CISCO TACACS+ will work on a
> router to correct the security issue.
>
> Tony CIA,CISA,CDP,MBA
> Security and Audit Services
> Nations Banking & Trust
>
> PS: I have been playing phone tag with the auditor that wrote us up...to
see
> what they recommend...have not reached him yet.
>
>
>
>
>
> _________________________________________________________________
> Tired of spam? Get advanced junk mail protection with MSN 8.
> http://join.msn.com/?page=features/junkmail