Telnet Security Question for a Router.

From: Tony Toni (tony572000@hotmail.com)
Date: 12/11/02

    From: "Tony Toni" <tony572000@hotmail.com>
    To: SECURITY-BASICS@SECURITYFOCUS.COM
    Date: Wed, 11 Dec 2002 02:45:43 +0000
    
    

    We were currently written up by our external auditors because we use telnet to
    access all of our routers. In some cases we use a filtered Telnet
    service...but that is not the normal practice. We are a fairly good-sized
    company with about 1000+ routers.

    I am charged with coordinating a response to the auditors. I know all of
    the security issues involved with Telnet...i.e., login id and password sent
    across the network in clear text, etc. My question: Is it possible to
    use SSH or CISCO TACACS+ to encrypt the entire Telnet session? Is there a
    way to ensure no one can sniff the login id and password? The Network
    Services Group is adamant that neither SSH nor CISCO TACACS+ will work on a
    router to correct the security issue.

    Tony CIA,CISA,CDP,MBA
    Security and Audit Services
    Nations Banking & Trust

    PS: I have been playing phone tag with the auditor that wrote us up...to see
    what they recommend...have not reached him yet.
