Bugtraq mailing list archives
Re: Cisco IOS password encryption facts
From: ankh () canuck gen nz (J. Sean Connell)
Date: Wed, 12 Nov 1997 14:13:49 +1300
On Tue, 11 Nov 1997, ice9 wrote:
This is why, if you are worried about security, perhaps TACACS+ would be a good option. Even if the router can't reach the TACACS server, with proper configuration, you will still need the enable passwd just to enter maintenance mode...
Not necessarily. If you use TACACS+ for AAA and enable AAA accounting, you will (at least in my humble experience) be unable to get in - the cisco must send an accounting record to the TACACS+ server, but it can't reach the TACACS+ server, so it refuses to let you in. (If anyone knows how to get around this without turning off aaa accounting, *please* let me know! =) (Also note that I may have any and/or all of the above wrong - it's so long that I can't quite remember all the exact details...) -- J. S. Connell | Systems Adminstrator, ICONZ. Any opinions stated above ankh () canuck gen nz | are not my employers', not my boyfriends', my God's, my ankh () iconz co nz | friends', and probably not even my own. -------------------+--------------------------------------------------------- PGP key at http://www.canuck.gen.nz/~ankh/pgpkey.html
Current thread:
- Re: Intel Pentium Bug, (continued)
- Re: Intel Pentium Bug Jason Parsons (Nov 09)
- Re: Intel Pentium Bug Kragen \ (Nov 10)
- Possible solution: [Fwd: I figured out how to make my Pentium Miguel Angel Rodriguez Jodar (Nov 10)
- Re: Intel Pentium Bug Tim Newsham (Nov 10)
- CERT Advisory CA-97.25 - CGI_metachar Aleph One (Nov 10)
- Re: CERT Advisory CA-97.25 - CGI_metachar Greg Bacon (Nov 11)
- Re: Intel Pentium Bug Jason Parsons (Nov 09)
- L0pht Advisory: IE4.0 DilDog (Nov 10)
- L0pht Advisory: IE4.0 Petri Helenius (Nov 10)
- Cisco IOS password encryption facts John Bashinski (Nov 10)
- Re: Cisco IOS password encryption facts ice9 (Nov 11)
- Re: Cisco IOS password encryption facts J. Sean Connell (Nov 11)
- Re: Cisco IOS password encryption facts Michael Degerman (Nov 13)
- mode of the i586 F0 bug VaX#n8 (Nov 12)
- Re: mode of the i586 F0 bug Alan Cox (Nov 12)
- Linux F00F Patch Aleph One (Nov 12)
- Re: Safe /tmp cleanup Randal Schwartz (Nov 12)
- Re: Safe /tmp cleanup dsiebert () ICAEN UIOWA EDU (Nov 13)
- another buffer overrun in sperl5.003 Pavel Kankovsky (Nov 13)
- Re: Safe /tmp cleanup Valdis Kletnieks (Nov 13)
- IE4.0 patch Richard Trott (Nov 13)
- X Security problem (?) Carlo Wood (Nov 13)