Telnet Security Question for a Router.

• Previous message: Talisker: "Re: Wireless LAN detection"
• Next in thread: kawaii: "Re: Telnet Security Question for a Router."
• Reply: kawaii: "Re: Telnet Security Question for a Router."
• Reply: Jeremy Anderson: "Re: Telnet Security Question for a Router."
• Maybe reply: Mark Maher: "Re: Telnet Security Question for a Router."
• Reply: Jill Tovey: "Re: Telnet Security Question for a Router."
• Reply: Charley Hamilton: "Re: Telnet Security Question for a Router."
• Maybe reply: Tim Donahue: "RE: Telnet Security Question for a Router."
• Maybe reply: Eric Schroeder: "Re: Telnet Security Question for a Router."
• Maybe reply: Stephen Wilcox: "FW: Telnet Security Question for a Router."
• Maybe reply: d'Ambly, Jeff: "RE: Telnet Security Question for a Router."
• Maybe reply: Chris Berry: "Re: Telnet Security Question for a Router."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Tony Toni" <tony572000@hotmail.com>
To: SECURITY-BASICS@SECURITYFOCUS.COM
Date: Wed, 11 Dec 2002 02:45:43 +0000

We were currently wrote up by our external auditors because we use telnet to
access all of our routers. In some cases we use a filtered Telnet
service...but that is not the normal practice. We are a fairly good size
company with about 1000+ routers.

I am charged with coordinating a response to the auditors. I know all of
the security issues involved with Telnet...ie login id and password sent
across the network in clear text, etc. My question: Is it possible to
use SSH or CISCO TACACS+ to encrypt the entire Telnet session? Is there a
way to ensure no one can sniff the login id and password? The Network
Services Group is adamant that neither SSH or CISCO TACACS+ will work on a
router to correct the security issue.

Tony CIA,CISA,CDP,MBA
Security and Audit Services
Nations Banking & Trust

PS: I have been playing phone tag with the auditor that wrote us up...to see
what they recommend...have not reached him yet.

_________________________________________________________________
Tired of spam? Get advanced junk mail protection with MSN 8.
http://join.msn.com/?page=features/junkmail

• Next message: Gene: "Re: Preventing DHCP from allocating IPs"
• Previous message: Talisker: "Re: Wireless LAN detection"
• Next in thread: kawaii: "Re: Telnet Security Question for a Router."
• Reply: kawaii: "Re: Telnet Security Question for a Router."
• Reply: Jeremy Anderson: "Re: Telnet Security Question for a Router."
• Maybe reply: Mark Maher: "Re: Telnet Security Question for a Router."
• Reply: Jill Tovey: "Re: Telnet Security Question for a Router."
• Reply: Charley Hamilton: "Re: Telnet Security Question for a Router."
• Maybe reply: Tim Donahue: "RE: Telnet Security Question for a Router."
• Maybe reply: Eric Schroeder: "Re: Telnet Security Question for a Router."
• Maybe reply: Stephen Wilcox: "FW: Telnet Security Question for a Router."
• Maybe reply: d'Ambly, Jeff: "RE: Telnet Security Question for a Router."
• Maybe reply: Chris Berry: "Re: Telnet Security Question for a Router."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]