[28443] in North American Network Operators' Group
Re: ABOVE.NET SECURITY TRUTHS?
daemon@ATHENA.MIT.EDU (Bryan S. Blank)
Sun Apr 30 09:44:49 2000
Message-Id: <200004301340.JAA08211@supernet.net>
To: hank@att.net.il (Hank Nussbacher)
Date: Sun, 30 Apr 2000 09:40:48 -0400 (EDT)
From: "Bryan S. Blank" <bryan@supernet.net>
Cc: ahp@hilander.com (Alec H. Peterson),
pfroutan@rackspace.com (Paul Froutan), rmeyer@mhsc.com,
nanog@merit.edu
In-Reply-To: <3.0.5.32.20000430092717.007f54c0@max.ibm.net.il> from "Hank Nussbacher" at Apr 30, 2000 09:27:17 AM
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
% TACACS encryption won't help if you follow the Cisco Essential IOS Features
Good document!
(http://www.cisco.com/warp/public/707/EssentialIOSfeatures_pdf.zip
for anyone who hasn't seen it)
% "aaa accounting command 15 start-stop tacacs+" can be considered an
% unintentional backdoor for many.
Use the source, Luke. Unfortunately you would still be shipping
the data over the network, but the free tacacs+ source can be
tweaked as you like to keep it from being logged.
-----------------------------------------------------------------------------
Bryan S. Blank bryan@supernet.net
(443)394-9529 tele
(410)995-2191 page
(410)802-6998 emer
