I agree that it is complete disaster when someone hacks into ASA with administrator privileges. But most likely someone can get into as unprivileged user and this is where he/she is looking for SSH/TELNET client to connect to other devices in my network. ASA is not a router, it is SECURITY device and should be hardened properly. One of those hardening features is lack of ssh/telnet clients.

Regards,
Piotr

On 2/20/13 12:58 AM, Steve Di Bias wrote:
Assuming someone hacks into your ASA, having an embedded SSH client would be the least of your worries

On Tuesday, February 19, 2013, Piotr Matusiak wrote:

    This is NOT missing feature. There is no TELNET/SSH client for
    purpose. I wouldn't like my ASA become a hop point to the rest of
    my network if someones breaks in.

    Regards,
    Piotr


    On 2/19/13 10:45 PM, Jimmy Larsson wrote:
    That has annoyed me since forever as well...

    http://nat0.net/another-missing-asa-feature-telnet-and-ssh-client/

    Best regards
    Jimmy


    2013/2/19 cisco 2006 <[email protected]>



        ----- Forwarded Message -----
        *From:* cisco 2006 <[email protected]>
        *To:* "[email protected]"
        <[email protected]>
        *Sent:* Tuesday, 19 February 2013, 20:32
        *Subject:* Fw: SSH session



        Dear Sir,
        I'm preparing for CCIE Security using IPexpert materials ,
        and I have a question about ssh session .The question is that :
        Can I opening ssh from cisco asa to another like a switch ?
        Best Regards,
        Israa





        _______________________________________________
        For more information regarding industry leading CCIE Lab
        training, please visit www.ipexpert.com <http://www.ipexpert.com>

        Are you a CCNP or CCIE and looking for a job? Check out
        www.PlatinumPlacement.com <http://www.PlatinumPlacement.com>




-- -------
    Jimmy Larsson
    http://nat0.net
    -------


    ___________________________________________



--
Thanks,
Steve Di Bias- CCIE #32840


_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit 
www.ipexpert.com

Are you a CCNP or CCIE and looking for a job? Check out 
www.PlatinumPlacement.com

Reply via email to