Re: OK.

[Dale Drew <ddrew () mci net>]

>  Most web page access, odd-statistics gathering, and ease-of-use
>  tools with which I am familiar use ^expect^ to implement such.

One such example would be MCI's "pollem", available at
ftp://ftp.mci.net/outgoing/pollem

"pollem" is a perl script that will log into a Cisco, pull
a copy of the on-line config, and compare it with a previously
pulled config (for things like network audits, etc).  It
can be changed to execute any command that the logged in user
has privledge for.

            http://www.security.mci.net/dostrack
================================================================
Dale Drew                                 MCI Telecommunications
Sr. Manager                                 internetMCI Security
                                                     Engineering
Voice:  703/715-7058                     Internet: ddrew () mci net
Fax:    703/715-7066                 MCIMAIL: Dale_Drew/644-3335
 
 
 

At 12:50 PM 10/25/97 -0400, Alan Hannan wrote:
>  It's my opinion first and foremost that you are not a moron.
>
>  Moreover, and keeping with the operational charter of the newsgroup, I 
>  would not recommend that folks enable r* commands on their cisco
>  routers.
>
>  When automated access is required, automating access with stored
>  passwords can be done quite handily.
>
>  While one must focus on protecting the sanctity of the stored
>  passwords, one doesn't have to focus on the security of forged r*
>  logins.  Protecting something within a host, rather than a network
>  segment, is probably simpler in this case than the converse.
>
>  $0.02.
>
>  Most web page access, odd-statistics gathering, and ease-of-use
>  tools with which I am familiar use ^expect^ to implement such.
>
>  -alan
>
> Quoting Alex Rubenstein (alex () nac net):
> > I am a moron; I can't figure it out.
> >
> > How do you make a cisco so that you can rsh into it (to use Mr. Kerns
> > looking glass)?
> >
> > TIA>