Re: Desktop Support Access

["David Nichols" <dnichols () amci com>]

Hey Thomas (& the rest of the list)-

Correct me if I'm wrong, (please!, I've gone through a CCNA course but
haven't taken the test yet!) but I think the IOS only has two levels of
access, one to basically monitor and the other to admin the router.  If this
is the case, I think you're out of luck.  Does any one know of any software
(simulator-like) that will only allow certain commands to be passed on to
the router?  If not, I'M CALLING THE PATENT OFFICE RIGHT NOW!! (just
kidding)  ; )

David Nichols
A+, Network+

----- Original Message (edited) -----
From: "Thomas Graf" <tgraf () swmail sw org>
To: <security-basics () securityfocus com>
Sent: Friday, October 17, 2003 10:22 AM
Subject: Desktop Support Access


> ... The desktop support is requesting access to (Cisco) routers and
switches to enable/disable
> ports.  (...)   I know that they are going to get it and it is a big risk,
but is there any way to
> limit there access to just enabling/disabling ports?
>
> Thanks for all the help.
>
> Thomas Graf
> HW/SW Technician



---------------------------------------------------------------------------
FREE Whitepaper: Better Management for Network Security

Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console

Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_security-basics_031015
----------------------------------------------------------------------------