From: "Tony Toni" <[EMAIL PROTECTED]>

Well, you could use SSL or VPN to create a secure tunnel for the Telnet session, but SSH would be a much better choice; it's designed for that sort of thing. SSH works on most quality routers. What brand(s) do you have?
We were currently written up by our external auditors because we use Telnet to access all of our routers. In some cases we use a filtered Telnet service... but that is not the normal practice. We are a fairly good-sized company with about 1000+ routers.
I am charged with coordinating a response to the auditors. I know all of the security issues involved with Telnet, i.e., login ID and password sent across the network in clear text, etc. My question: Is it possible to use SSH or CISCO TACACS+ to encrypt the entire Telnet session? Is there a way to ensure no one can sniff the login ID and password? The Network Services Group is adamant that neither SSH nor CISCO TACACS+ will work on a router to correct the security issue.
Chris Berry
[EMAIL PROTECTED]
Systems Administrator
JM Associates
"Live dangerously, overclock your servers."