I still think it's funny how much folks have hyper-spazed on this thread.  I
think I've said it at least twice that only one telnet session is allowed
into the MS Telnet Server.  Further, I can see the IP that does connect,
plus I'm talking to the Cisco engineer the whole time, and
lastly, as soon as Cisco was done I disabled the account on my laptop.  The
routers weren't online in any other fashion.  End of access remotely, end of
story.

Don't feel too secure with ssh either.  How would Cisco get my public key
securely?  If I sent it to them, it'd be vulnerable to a man-in-the-middle
attack.  Unless you physically copy your public key to your box from your
access server, someone could have snatched it on the wire and tossed you
another, which they could easily talk to your spoofed ssh client with, and
then relay the commands to the real ssh server with the public key it
intercepted, and you'd never know it.

I've got CDPD in my car.  Slower than mud, especially for telnet.  It's fine
if I just need to pop in and check status on a router.  The best method
seems to be to ssh into my Linux box which I run screen on (allows for
multiple bash sessions to be kept active, even when I disconnect).  I often
have a few dozen screens open to customer sites and can easily pop on
remotely even with CDPD's slowness to get status on something or make a
minor change.  The speed is only 14.4K, but it's really the latency that's
horrid.  700-2000ms delay is pretty normal, if not more.

It is nice for getting traffic status while on the road, but the following
page takes 3-5 minutes to load (watch the wrap):
http://www.mapquest.com/cgi-bin/traffic?from=index&event=overview&link=btwn/
twn-traffic_overview&traffic_city=sfo:gcd:San+Francisco:CA:377750:-1224183&u
id=u18ah4oao6gcscze:bl14a0uwt

Outlook Webaccess can take 10 minutes to load.  But if you're bored and
stuck in traffic, what else can you do?  Heh.

--
Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+
List email: [EMAIL PROTECTED]
Homepage: http://jason.artoo.net/
Cisco resources: http://r2cisco.artoo.net/


"John Nemeth" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> On Jun 10, 11:13am, Priscilla Oppenheimer wrote:
>
>      Yes.  I would have the head of anybody that tried that stunt.  At
> the very least, he should have been using ssh.  However, even that
> would have been dicey.
>
>      As far as the lack of an analogue phone line, that problem is
> easily solved (depending on your point of view) by using CDPD (Cellular
> D? Packet Data).  I have a friend in Canada that has a CDPD modem in
> his laptop.  The service is $50/month for unlimited usage from Telus
> Mobility.  It doesn't matter where he is, his laptop is always
> on-line.  Add an ethernet card in the second PCMCIA slot, and you've
> got a roaming router that could create a back door into any network.
>
> }-- End of excerpt from Priscilla Oppenheimer
>
> _________________________________
> FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
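
The key-substitution concern raised in the message above is usually handled by comparing the public key's fingerprint over a second channel, such as a phone call with the person receiving the key. The following is an added example, not part of the original message; the function names and both sample keys are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct

def _read_string(buf, offset):
    """Read one uint32-length-prefixed string from an SSH public key blob."""
    if offset + 4 > len(buf):
        raise ValueError("truncated key blob")
    (length,) = struct.unpack(">I", buf[offset:offset + 4])
    end = offset + 4 + length
    if end > len(buf):
        raise ValueError("truncated key blob")
    return buf[offset + 4:end], end

def fingerprint(pubkey_line):
    """OpenSSH-style SHA256 fingerprint of a 'type base64 [comment]' line."""
    fields = pubkey_line.split()
    if len(fields) < 2:
        raise ValueError("expected 'type base64 [comment]'")
    try:
        blob = base64.b64decode(fields[1], validate=True)
    except ValueError as exc:
        raise ValueError("key body is not valid base64") from exc
    inner_type, _ = _read_string(blob, 0)
    if inner_type.decode("ascii", "replace") != fields[0]:
        raise ValueError("declared key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def key_matches(received_line, fingerprint_from_other_channel):
    """True only if the key that arrived hashes to the fingerprint read out."""
    expected = fingerprint_from_other_channel.strip().encode()
    return hmac.compare_digest(fingerprint(received_line).encode(), expected)

def _constructed_key(key_bytes):
    # Builds a syntactically valid ssh-ed25519 line from constructed bytes.
    name = b"ssh-ed25519"
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", len(key_bytes)) + key_bytes
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " constructed@example"

SENT_KEY = _constructed_key(bytes(range(32)))        # key the owner sent
SWAPPED_KEY = _constructed_key(bytes(range(1, 33)))  # key substituted in transit

if __name__ == "__main__":
    spoken = fingerprint(SENT_KEY)  # what the owner reads out on the phone
    print("unchanged key accepted:", key_matches(SENT_KEY, spoken))
    print("swapped key accepted:  ", key_matches(SWAPPED_KEY, spoken))
```
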