I have no experience with TACACS or RADIUS, but I did read once that they have similar functions & both have logging capabilities including what ip addresses has dialed up for authentication etc... Once dialed up though, I don't think that they will log where users are going to as they are only authentication protocols. For this, the actual proxy service that the ISP is using would monitor this if enabled. As for CiscoSecure ACS I'm not sure what this is...sorry I'm only a lowley Helpdesk operator. I hope this helps somewhat anyway, I'm sure someone else can give you more detail. cu Stu -----Original Message----- From: - [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 03, 2001 9:16 PM To: [EMAIL PROTECTED] Cc: Security Basics (E-mail) Subject: tracking rogue dialup users Greetz. Just a matter of interest. Say there is user A, he dials up to ISP J. User A breaks into server X. Server X has the ip, he contacts the isp.... How is the user tracked from there on... Do servers like CiscoSecure ACS keep track of the ip and the time connected. The reason I am asking is in my little experience that I had with CiscoSecure ACS and their radius, I could not find such info on the logs. Is tacacs perhaps a little better, will it give me more info? Or will this user just get away with this -- Doubt it though.... Any help will be greatly appreciated. Ciao Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=12443&t=12443 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
