yeah, in the past when Ive worked in nocs, things like extended ping and
show conf have been made exec level 1.
Brian "Sonic" Whalen
Success = Preparation + Opportunity
On Sun, 6 May 2001, EA Louie wrote:
> Big operations shops use privelege levels to allow NOC personnel to perform
> certain limited configuration commands - for example to give the NOC the
> ability to clear lines or configure an interface but not to reconfigure
> routing, or to disable debug commands from a particular priveleged EXEC
> secret password level. I've also used menus at login to accomplish similar
> functions.
>
> see
>
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/secur
> _c/scprt5/scpass.htm
> (watch wrap)
>
> ----- Original Message -----
> From: "Jason Roysdon"
> To:
> Sent: Saturday, May 05, 2001 9:28 PM
> Subject: Re: "enable password level" command [7:3277]
>
>
> > Best practice is to not use enable password period. Use enable secret.
> > Regarding your real question, what level to set? I've never thought or
> seen
> > anyone limiting the enable secret command (as this is the "root" command
> in
> > essence to the router). I don't think you'd normally do this, but rather
> > have AAA or local users defined with levels set.
> >
> > --
> > Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+
> > List email: [EMAIL PROTECTED]
> > Homepage: http://jason.artoo.net/
> >
> >
> >
> > ""Albert Lu"" wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > Hi Group,
> > >
> > > Could someone give me an explanation and "best practise" in production
> > > networks for the "enable password level" command? I know that it is
> > between
> > > 1-15, with level 1 the lowest and 15 the highest level for most access.
> > Are
> > > the levels 2-14 user configurable?
> > >
> > >
> > > Thanks
> > >
> > > Albert
> > > FAQ, list archives, and subscription info:
> > http://www.groupstudy.com/list/cisco.html
> > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> > FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3380&t=3277
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
