This depends on what type of access is granted when they log in. RADIUS
has the ability to force certain type of connections, limit the protocols
used, etc. You can configure RADIUS to use different user IDs and passwords
then the user's normal login.
We limit access by setting up a number of different connection types.
Different users are assigned different connections. For example, our
minicomputer vendor is assigned a connection type that limits their access
to a single host system via telnet. Cisco's TACACS
allows access lists to be applied on-the-fly based on a user's profile. We
also limit access based on time of day and day of week and all of our
dial-in accounts auto expire if they are not used.
> -----Original Message-----
> From: Curt Hefflin [SMTP:[EMAIL PROTECTED]]
> Sent: Wednesday, September 01, 1999 6:20 AM
> To: [EMAIL PROTECTED]
> Subject: dailup security
>
> We have a pretty good firewall protecting our network from the Internet.
> However, we have well over 200 users with dail-up access via an Acsend box
> with RADIUS authentication. What are some of the risks of having this type
> of access into our network and can these things be cracked.
> Thanks,
> Curt
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
