Don't forget about TACACS+ and Radius...
K
-----
Kristopher B. Climie, CCNP, CCDP
> From: [EMAIL PROTECTED] ("John Kaberna")
> Organization: GroupStudy.com Discussion Groups
> Newsgroups: groupstudy.cisco
> Date: 12 Sep 2000 17:48:38 -0400
> Subject: Re: can you shutdown a console port?
>
> The last statement was incorrect!!
>
> Console and aux ports DO NOT require a password. VTY's do however. You
> should set a complex password on your console and aux port.
>
> The other thing you can do is setup local authentication which will require
> a username and matching password. This will make it even harder to break.
>
> You can also weed out a few amatuers by changing your console speed to
> something other than 9600. When I tested mine I didn't even get ascii text
> so there is no indication the speed is set wrong. That may be different
> with other terminal programs though (I'm using SecureCRT 3.1).
>
> You should be ok as long as you have physical security and good passwords
> you likely won't have any problems.
>
> John
>
> ----- Original Message -----
> From: beth shriver <[EMAIL PROTECTED]>
> To: David L. Blair <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>
> Sent: Tuesday, September 12, 2000 12:52 PM
> Subject: Re: can you shutdown a console port?
>
>
>> if you use the password recovery technique and hit
>> break during boot . and go to rommon mode.. would the
>> router even know there is a password on the console?
>> thanks
>> Beth
>> --- "David L. Blair" <[EMAIL PROTECTED]> wrote:
>>> require a password on the console port and do not
>>> supply a password. That
>>> will effectively deny all access via the console
>>> port.
>>>
>>> -dlb
>>>
>>> ----- Original Message -----
>>> From: "beth shriver" <[EMAIL PROTECTED]>
>>> Newsgroups: groupstudy.cisco
>>> Sent: Tuesday, September 12, 2000 8:43 AM
>>> Subject: can you shutdown a console port?
>>>
>>>
>>>> Is there anyway to keep someone from plugging in a
>>>> console port and using password recovery procedure
>>> to
>>>> get into a router? for instance if you have a
>>> router
>>>> at a remote site and someone decides they want to
>>>> alter your config etc. what could stop them?
>>> (besides
>>>> a huge padlock ?)
>>>>
>>>>
>>>> __________________________________________________
>>>> Do You Yahoo!?
>>>> Yahoo! Mail - Free email you can access from
>>> anywhere!
>>>> http://mail.yahoo.com/
>>>>
>>>> **NOTE: New CCNA/CCDA List has been formed. For
>>> more information go to
>>>> http://www.groupstudy.com/list/Associates.html
>>>> _________________________________
>>>> UPDATED Posting Guidelines:
>>> http://www.groupstudy.com/list/guide.html
>>>> FAQ, list archives, and subscription info:
>>> http://www.groupstudy.com
>>>> Report misconduct and Nondisclosure violations to
>>> [EMAIL PROTECTED]
>>>>
>>
>>
>> __________________________________________________
>> Do You Yahoo!?
>> Yahoo! Mail - Free email you can access from anywhere!
>> http://mail.yahoo.com/
>>
>> **NOTE: New CCNA/CCDA List has been formed. For more information go to
>> http://www.groupstudy.com/list/Associates.html
>> _________________________________
>> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>> FAQ, list archives, and subscription info: http://www.groupstudy.com
>> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _________________________________
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
