Telnet Security Question for a Router.

From: Tony Toni (
Date: 12/11/02

  • Next message: Gene: "Re: Preventing DHCP from allocating IPs"
    From: "Tony Toni" <>
    Date: Wed, 11 Dec 2002 02:45:43 +0000

    We were currently wrote up by our external auditors because we use telnet to
    access all of our routers. In some cases we use a filtered Telnet
    service...but that is not the normal practice. We are a fairly good size
    company with about 1000+ routers.

    I am charged with coordinating a response to the auditors. I know all of
    the security issues involved with login id and password sent
    across the network in clear text, etc. My question: Is it possible to
    use SSH or CISCO TACACS+ to encrypt the entire Telnet session? Is there a
    way to ensure no one can sniff the login id and password? The Network
    Services Group is adamant that neither SSH or CISCO TACACS+ will work on a
    router to correct the security issue.

    Security and Audit Services
    Nations Banking & Trust

    PS: I have been playing phone tag with the auditor that wrote us see
    what they recommend...have not reached him yet.

    Tired of spam? Get advanced junk mail protection with MSN 8.

    Relevant Pages