Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: ABOVE.NET SECURITY TRUTHS?

  • From: Greene, Dylan
  • Date: Fri Apr 28 17:26:20 2000


Maybe I should read the entire message before responding.. hehe.. =)

A switched private management lan resolves the cleartext problem.  

SSH version 1 is apparently supported in 12.0 as well (never played w/ it,
so dunno how well it works);

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120
limit/120s/120s5/sshv1.htm

..Dylan 

| -----Original Message-----
| From: Paul Froutan [mailto:pfroutan@rackspace.com]
| Sent: Friday, April 28, 2000 4:46 PM
| To: rmeyer@mhsc.com
| Cc: nanog@merit.edu
| Subject: RE: ABOVE.NET SECURITY TRUTHS?
| 
| 
| 
| I don't think you can.  However, I use TACACS on all my switches and 
| routers.  From what I know, TACACS passwords are encrypted 
| using the key on 
| your network devices and the TACACS server.  So, that, in 
| combination with 
| a private management LAN not accessible by your customers 
| should lock down 
| your network pretty effectively.  Any comments?
| 
| At 4/28/00 -0700, you wrote:
| 
| > > Exiled Dave
| > > Sent: Friday, April 28, 2000 1:10 PM
| >
| > > Lets think about this, cisco in no way has such a flaw
| > > that would allow someone to 'root' and erase all the
| > > info on switches. The password was sniffed.
| >
| >Can one setup SSH on a Cisco 6509?
| 
| Paul Froutan                              Email: 
| pfroutan@rackspace.com
| Rackspace, Ltd                       <http://www.rackspace.com>
| 
| 





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.