North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ABOVE.NET SECURITY TRUTHS?

  • From: Alec H. Peterson
  • Date: Fri Apr 28 17:12:54 2000

Paul Froutan wrote:
> 
> I don't think you can.  However, I use TACACS on all my switches and
> routers.  From what I know, TACACS passwords are encrypted using the key on
> your network devices and the TACACS server.  So, that, in combination with
> a private management LAN not accessible by your customers should lock down
> your network pretty effectively.  Any comments?

Using TACACS+ with some sort of one-time-passwording works very well.

Alec

-- 
Alec H. Peterson - [email protected]
Staff Scientist
CenterGate Research Group - http://www.centergate.com
"Technology so advanced, even _we_ don't understand it!"