[13040] in North American Network Operators' Group
Re: OK.
daemon@ATHENA.MIT.EDU (Dale Drew)
Sat Oct 25 13:55:05 1997
Date: Sat, 25 Oct 1997 13:45:27 -0400
To: Alan Hannan <hannan@bythetrees.com>, Alex Rubenstein <alex@nac.net>
From: Dale Drew <ddrew@mci.net>
Cc: nanog@merit.edu
In-Reply-To: <19971025125015.46770@freedom.bythetrees.com>
> Most web page access, odd-statistics gathering, and ease-of-use
> tools with which I am familiar use ^expect^ to implement such.
One such example would be MCI's "pollem", available at
ftp://ftp.mci.net/outgoing/pollem
"pollem" is a perl script that will log into a Cisco, pull
a copy of the on-line config, and compare it with a previously
pulled config (for things like network audits, etc). It
can be changed to execute any command that the logged in user
has privledge for.
http://www.security.mci.net/dostrack
================================================================
Dale Drew MCI Telecommunications
Sr. Manager internetMCI Security
Engineering
Voice: 703/715-7058 Internet: ddrew@mci.net
Fax: 703/715-7066 MCIMAIL: Dale_Drew/644-3335
At 12:50 PM 10/25/97 -0400, Alan Hannan wrote:
>
> It's my opinion first and foremost that you are not a moron.
>
> Moreover, and keeping with the operational charter of the newsgroup, I
> would not recommend that folks enable r* commands on their cisco
> routers.
>
> When automated access is required, automating access with stored
> passwords can be done quite handily.
>
> While one must focus on protecting the sanctity of the stored
> passwords, one doesn't have to focus on the security of forged r*
> logins. Protecting something within a host, rather than a network
> segment, is probably simpler in this case than the converse.
>
> $0.02.
>
> Most web page access, odd-statistics gathering, and ease-of-use
> tools with which I am familiar use ^expect^ to implement such.
>
> -alan
>
>Quoting Alex Rubenstein (alex@nac.net):
>>
>> I am a moron; I can't figure it out.
>>
>> How do you make a cisco so that you can rsh into it (to use Mr. Kerns
>> looking glass)?
>>
>> TIA>
>>
>>
>
>
