Telnet Security Question for a Router.

From: Tony Toni (
Date: 12/11/02

  • Next message: Gene: "Re: Preventing DHCP from allocating IPs"
    From: "Tony Toni" <>
    Date: Wed, 11 Dec 2002 02:45:43 +0000

    We were currently wrote up by our external auditors because we use telnet to
    access all of our routers. In some cases we use a filtered Telnet
    service...but that is not the normal practice. We are a fairly good size
    company with about 1000+ routers.

    I am charged with coordinating a response to the auditors. I know all of
    the security issues involved with login id and password sent
    across the network in clear text, etc. My question: Is it possible to
    use SSH or CISCO TACACS+ to encrypt the entire Telnet session? Is there a
    way to ensure no one can sniff the login id and password? The Network
    Services Group is adamant that neither SSH or CISCO TACACS+ will work on a
    router to correct the security issue.

    Security and Audit Services
    Nations Banking & Trust

    PS: I have been playing phone tag with the auditor that wrote us see
    what they recommend...have not reached him yet.

    Tired of spam? Get advanced junk mail protection with MSN 8.