Security Basics mailing list archives

Re: DNS cache poisoning


From: Malte von dem Hagen <DocValde () gmx de>
Date: Mon, 16 Dec 2002 18:54:25 +0100

Hello vijay vikram shreenivos,
on Saturday, 14 December 2002 at 07:29:38 you wrote:


Yet two answers...

> 2. Is there any way to send secure messages over telnet or ftp
> other than ssh?

Sure, VPN = Virtual Private Network. But it depends on what you exactly
want to do, which is suitable for you. Both do their job well, why don't
you like ssh?


> 3. What is the exact difference between TACACS and RADIUS?

BOTH are AAA (= Authentication, Authorization, Accounting) Solutions.

RADIUS in contrast to TACACS+:

+ widely used

o Interoperability is possible, but not guaranteed -> proprietary
implementations, M$ Radius is not 3COM Radius, for example!

- using UDP -> not reliable
- only the password is encrypted, the rest is plain text
- the following protocols are not supported:
   ~ AppleTalk Remote Access (ARA)
   ~ NetBIOS Frame Protocol Control Protocol
   ~ Novell Asynch. Services Interface (NASI)
   ~ X.25 PAD connection
- it is not usable for router and switch management as TACACS+ is, due
to the available commands / options.

TACACS+ is an extension of the old TACACS standard which is quite lost
due to license things.
TACACS+ in contrast to RADIUS:

- almost only on Cisco components

+ using TCP -> reliable
+ everything but the header is encrypted
+ Multiprotocol-support
+ intricate access rules for Cisco components are definable
+ built modular

Again, which is better for you depends on what exactly you want to do
with it.

> awaiting your kind replies

here you got one :-)


> karpagamekapalidurgau

Herzlichen Glückwunsch! (is: What does that mean?)

best regards,

Malte.

-- 
Malte von dem Hagen

DocValde () gmx de
http://www.docvalde.net/

