It uses tcp port between 1521 and 1571; however, 1521 and 1526 is most
commonly used because usually Oracle listener is running on either of
these port. Do a netstat -an | grep 1521 or 1526 to check of Oracle
listener is running on the box.
From: Rod Rodericks Reply-To: Rod Rodericks To:
[EMAIL
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 0 default start-stop group tacacs+
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa accounting network default start-stop group tacacs+
aaa
of info without TACACS, with show commands. Best regards, Sean
Young wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
aaa accounting exec default start-stop group tacacs+ aaa accounting
commands 0 default start-stop group tacacs+ aaa accounting commands 1
default start-st
If you have tacacs, you can also find out the last person who make the
configuration changes. Here is the output:
Current configuration : 5076 bytes
!
! Last configuration change at 22:05:18 EDT Sat Sep 22 2001 by
learn_cisco
! NVRAM config last updated at 22:04:33 EDT Sat Sep 22 2001
!
version
Mike,
you are correct about the recent trend on Network Engineering in general
and Cisco Engineer in particular. These recent CCIEs know nothing
else but Cisco (not that they are expert to begin with). Most don't even
know how to write simple shell script on Unix platforms. If this sound
like
michael,
why don't you contact me privately and I will show you how it can be
done. I am NOT an expert with TACACS with I have done enough in the last
12 months that I think I am quite good with it. I work for an ISP and
basically we have to manage about 400 routers and switches. Since there
compromise by hackers, do you? I wish I can say
the same thing about point-and-click windows.
From: Alex Lee To: \Sean Young\ Subject: Re: seraching for
tacacs server [7:20872] Date: Mon, 24 Sep 2001 21:42:16 -0400 Hi
Sean, This is Alex Lee. I have been trying to learn how to run TACACS
on Linux. I
I have some bad news for you. The PDM also allows outside connection, the
same thing
goes with SSH (version 1). I wish Cisco starts implementing SSH version
2 on all the PIXes
From: Gareth Hinton Reply-To: Gareth Hinton To:
[EMAIL PROTECTED] Subject: Re: PIX ver 6 Security [7:20842] Date:
Sun,
show line on the 7206 router will tell you the number of the AUX port
From: Ed Horley Reply-To: Ed Horley To: [EMAIL PROTECTED]
Subject: 7206 reverse telnet to aux port [7:20336] Date: Tue, 18 Sep
2001 20:56:40 -0400 Alright, I am being a slacker, I can't remember
the port number for the aux
conduit permit ip any any
From: Pierre-Alex Reply-To: Pierre-Alex To: [EMAIL PROTECTED]
Subject: PIX Firewall [7:19434] Date: Tue, 11 Sep 2001 12:57:14 -0400
For testing purpose I want to open all the ports of my firewall. The
firewall uses software version 4.07 and uses conduit statements. I
Don't mess around with privilege level command. Jeff is correct is that
you should build yourself a TACACS server (after all, it is free).
Another thing, Authorization, does it ring a bell? Even with TACACS, one
of the complaint that I've heard about customers is that somehow, if the
router
OK, I have been getting 256 emails for the past few days regarding how to
build a PIX out of an old PC. Now for thos, who have all the spare
parts, you just have to wait a tad longer until everyone in the group get
their parts so that we can build the PIX together at once.
Regarding the flash
You are spending too much time on Microsoft Windows, that's why your Unix
skill is getting rusty. Joking aside, on a serious thought, make sure
that your syslogd is accepting remote logging connection. On your
Solaris box, do the following: ps -eaf | grep syslog, if you see
something like
www.google.comm and search for seyon. It is the best hyperterminal bar
NONE. And it is FREE too
From: george gittins Reply-To: george gittins To:
[EMAIL PROTECTED] Subject: hyperterminal for linux [7:17115] Date:
Fri, 24 Aug 2001 10:01:06 -0400 is there a hyperterminal version for
misconduct
If you are familiar with Unix, contact me off-line and I will assist you
with installing and configuring TACACS on Unix platform. I can also help
you with configuring routers and switches as well.
From: khramov Reply-To: khramov To: [EMAIL PROTECTED] Subject:
Re: Tacacs [7:17110] Date: Fri, 24
I run RedHat 7.1 with kernel 2.4.7 on a Dell Optiplex 700 MHz with no
keyboard and mouse. Didn't have to do anything unusual like disabling it
in the BIOS. By the way, I control the Unix/Linux box via Terminal
server.
From: Jonathan Hays Reply-To: Jonathan Hays To:
[EMAIL PROTECTED] Subject:
.
On a side note, how did Jason know how to do this? Man, he is good.
From: Baker, Jason To: Sean Young , [EMAIL PROTECTED] Subject:
RE: OT, was RE: Tacacs+ for home Use? and Passed CCIE [7:14417] Date:
Wed, 1 Aug 2001 10:29:18 +1000 nothing to do with the operating system
on intel boxes. If you set
If I am NOT mistaken, you can remote manage Cisco Secure from a browser;
however, it uses http which mean everything goes in the clear (username
and password). I strongly suggest that you tunnel X- via SSH from your
PC to the solaris box to manage your Cisco Secure. It is much safer that
way.
It is NOT true at all. You can implement queueing technologies to allow
certain applications traffic higher priority than other. For example,
ftp traffic will hog up most of your bandwith while other application
such as http and telnet will have a hard time passing through. This
problem can be
LONG LIVE JUNIPER
From: Ahmed Mamoor Amimi Reply-To: Ahmed Mamoor Amimi To:
[EMAIL PROTECTED] Subject: good news and bad news for 1 day lab
[7:13237] Date: Sun, 22 Jul 2001 02:33:36 -0400 Guys, There are some
good news and some bad for the CCIE LAB exam . Good News : 1- the
lab is
Mark is right. If you are using Unix/Linux system, tftp is a daemon that
can be setup to run automatically at boot-time. However, unlike windows
tftp, tftp in unix/linux requires that the file must already be exit
before you can upload from the router to the unix/linux box. It is a
minor
Brian,
go to www.google.com and look for a software called seyon. This is
equivalent to Teraterm
Pro in windows. It is the best hyperterminal (freeware) for linux. Just
download the rpm
package and rpm it with rpm -Uvh package-name. to run, just type
seyon.
Good luck
From: bjp Reply-To:
What's wrong with CCIEs today? I know that I am making a general
assumptions; however,this is the second time that it has happend to the
company that I work for. We have several tacacs servers that use to
authenticate users. These tacacs servers are running on a combination of
Linux and
! JohnSean Young 7/20/01 5:14:47 PM
What's wrong with CCIEs today? I know that I am making a general
assumptions; however,this is the second time that it has happend to the
company that I work for. We have several tacacs servers that use to
authenticate users. These tacacs servers are running
, and if you're smart, you won't hire someone to
do UNIX stuff without making them prove that they *can* do it. In other
words, quit your bellyaching. ;-) BJ - Original Message -
From: Sean Young To: Sent: Friday, July 20, 2001 6:14 PM Subject:
what's wrong with CCIE today? [7:13151] What's wrong
set of Unix. It seems CCIEs know how to use
Microsoft Windows? Why not Unix? Didn't these guys ever attend
college? As far as I am concerns that's where most people learn their
Unix skills
From: David Wolsefer To: 'Sean Young' CC: Subject: RE: what's
wrong with CCIE today? [7:13151] Date: Fri, 20
starting point, it's not the end of the road. Okay, enough rambling.
Time to go home! JohnSean Young 7/20/01 5:14:47 PM
What's wrong with CCIEs today? I know that I am making a general
assumptions; however,this is the second time that it has happend to the
company that I work for. We have
About 8 months ago, I purchased 3 Olives boxes (PCs that run Juniper
Operating System [JUNOS]) at $900 each. Now that I am done with using
it, I wonder if it is legal to sellthese Olives to anyone who would like
to learn JUNOS. I've seen people selling Cisco gearsall the time with
IOS bundles
Your question is VERY vague and therefore can NOT be answered. However,
I will attempt to do the best with the limited information you provided.
I will assume that the VPN server is sitting behind the Firewall or on
the Firewall itself. If you are using PPTP (microsoft VPN) then the
firewall
This Cisco bug will BITE only if you use local account. If you use
TACACS for Authentication, Authorization and Accounting (AAA), then you
do NOT to have to worry about this bug. I've been trying to test it in
the lab without success because I use TACACS. If anyone think I am
wrong, please
what kind of advice is this tftpdnld -r? This feature is NOT supported
for the 36xx platforms. It is only supported for the 26xx platforms. I
have never used the 3660 platforms; however, I have experiences with
both the 26xx and 3640 platforms. If the 3660 router has PCMCIA slot
card, the
The main differences between a 3640 and 2600s are follows (if I am wrong,
please correct me):
1) 3640 has faster processor than 2600,
2) 3640 has 2 NM slots compared to just 1 for 2600s (however, 2600 has
at least 1 built-in
Ethernet port compared to none for 3640,
3) 3640 can handle
Your explaination is EXCELLENT. However, I would like to add that by
using PAT (PortAddress Translation), some applications like H323 will
have problem because those applications sometime require specific inbound
port. I've had first-hand experience withCisco PIX when trying to do
PAT. From:
If you are running Linux/Unix OS, Free radius is free (www.freeradius.org).
If you prefer TACACS over Radius, go to ftp://ftp-eng.cisco.com and
download tacacs source code. You can even implement S/KEY to work with
both TACACS and Radius. Furthermore, both RADIUS and TACACS allow you to
hack
I took the Cisco PIX Firewall Advanced exam this morning and passed it
with a minimumscore of 751. The passing score is 751. The exam contains
60 questions and you have 75minutes to complete it. The exam does NOT
let you go back to previous questions. Personally, I think this is one
of the
Has anyone in this group taken this exam yet? If you have, can you share
your experience?How difficult is it compare to other Cisco exams? Comments
are appreciated.
Get your FREE download of MSN Explorer at
Let me also add that Secure Shell version 2 is very secure. Furthermore,
use OpenSSh because it is free and I believe the latest version is 2.5.x
or something. One other thing, if you change the keylength from 768
(which is th default) to 1024 with SSH version 2, it will make box
rock-solid.
I took the the CCIE written almost 11 months ago. It took me and my
friends 3 times to each
to pass the exam. Along the way, we were able to recreate a list that
has about 420 live
CCIE questions and we used it to pass the exams. I don't know if those
questions are still
valid with the
. from
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_mod/cis2600/net_m
od2/conntser.htm The interface number of a port is determined using
the following relation: interface-number = (32 x slot-number) +
unit-number + 1 Thanks -The Nate Sean Young wrote in message
[EMAIL PROTECTED]"
I am hoping someone on the group can explain to me the following
situation: I've noticed that on the Cisco 2500s platform, the AUX port is
listed on line 1 (sine consoleport is on line 0). However, on Cisco
2600s platform, the AUX port is listed on line 65(console port is still
at line 0). On
. Please don't give
out
wrong information unless you know it is accurate.
Anyone else would like to comment on this one. Am I correct in this
case?
Regards,
Sean
From: Charles Manafa To: 'Sean Young ' , '[EMAIL PROTECTED] '
Subject: RE: Can anyone shed the light on Cisco AUX port? [7:6640]
Date
To:
[EMAIL PROTECTED] Subject: Re: Can anyone shed the light on Cisco AUX
port? [7:6640] Date: Thu, 31 May 2001 21:16:49 -0400 The 2600 series
only has one NM slot, but you can buy NM modules with different numbers
of ports on them. -- Neil Schneider MCT MCSE CCSI CCNP
Sean Young wrote
I do have the Olive (JUNOS) code that will run on the Intel platform.
I've been playing with Olive code for almost six months now. Both the
J-base and J-kernel are 4.4B3.2. BecauseI am learning JUNOS on my own, I
don't expect technical support from Juniper. The installation is very
simple.
While I don't want to get in trouble by distributing olive code running
on PC without
the permission from Juniper Network; however, what I don't understand is
why you
are against this. In contrast to Cisco, Juniper routers are very
expensive (even for
the M5 router), and how are we going to
the materials
you will need
for Juniper are available at www.juniper.net
Sean
From: [EMAIL PROTECTED] To: Sean Young Subject: Re: Has anyone taken
the Juniper exam lately? [7:4731] Date: Thu, 17 May 2001 18:08:46 +0100
Hello. I have a strong interest in pursuing the Juniper
certification
I don't want to sound like a broken record (again!); however, I suggest
you download all
the documentation from www.juniper.net and read it from cover to cover
(about 4000 pages
in all). After that, you need to get your hand on the Olive code (this
is JUNOS that runs
on a PC box (very much
Has anyone taken the Juniper exam recently? A friend of mine took the
exam this morningand failed. It took me 3 tries to pass the Juniper
Network Certified Internet Specialist (JNCIS). I remembered every
questions each time I took the exam and wrote them downafter the exam.
Because of this, I
have any questions for anyone who want them. The
questions are in my head and
they will remain there forever. If anyone who want to be JNCIS,
study and prepare for the
exam. There is no free lunch.
Sean
From: Peter Van Oene To: Sean Young Subject: Re: Has anyone taken
the Juniper
I have a few suggestions for you:
1) get rid of Microsoft windows servers and Sun Solaris; Use only NetBSD
and
software that are open-source,
2) Replace Cisco routers with Juniper routers,
3) For IDS software, I strongly recommend Man-Trap and Man-Hunt. If you
are
just a cheap-skate like
show run = show configuration
debug packet icmp = monitor
Good luck
Sean
Juniper makes Cisco looks like child's play
From: Marc-Andre Giroux Reply-To: Marc-Andre Giroux To:
[EMAIL PROTECTED] Subject: Juniper technical question [7:4398] Date:
Mon, 14 May 2001 08:19:19 -0400 2 questions
Hi Everyone, I am selling the following two cisco routers: Cisco router
2515: Token ring router with 2 token ring interfaces and 2 serial
interfaces. Thisrouter has 8MB of DRAM and 16 MB Flash and it has IOS
c2500-jos56i-l_120-8.bin whichis capable of supporting IPSEC, Cisco
router 2501:
Hi Everyone,
I am selling the following two cisco routers: Cisco router 2515: Token ring
router with 2 token ring interfaces and 2 serial interfaces. Thisrouter has
8MB of DRAM and 16 MB Flash and it has IOS c2500-jos56i-l_120-8.bin whichis
capable of supporting IPSEC,
Cisco router 2501:
AK
-Original Message-
From: Sean Young [mailto:[EMAIL PROTECTED]]
Sent: Sunday, April 29, 2001 7:19 PM
To: [EMAIL PROTECTED]
Subject: Re: Differences between TACACS+ and Cisco ACS [7:2245]
You can access it using a browser anywhere. This is what I am worried
about. When you are talking
and manage. You can
access it using a browser anywhere. It also allows you to control the
admin access itself so that others can manage usersgroups etc but not the
top admin level functions
Sean Young wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Hi Everyone,
The comp
they had was
for version 2.6 was for Windows NT/2000. We elected to go with a
Cisco's freeware TACACS+...
Sean Young wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Hi Everyone,
The company I am working for is considering purchasing Cisco ACS
software. Th
Hi Everyone,
The company I am working for is considering purchasing Cisco ACS
software. This piece of software will be running on Solaris platform.
Currently, I am using TACACS+ (self-supported software with source code)
on our environment running on both Solaris and linux platforms (Primary
Rico,
I need to know how familiar you are with Unix platform. I run my tacacs
server on a linux platform. The setup and configuration is quite simple.
Before I go on, I need to know the following the information:
1) How familiar are you with Unix? by that, I mean you don't have to
be familiar
Either TACACS+ or RADIUS will do the trick. If you are NOT familiar with
Unix, tough luck.
Sean
From: "SH Wesson"
Reply-To: "SH Wesson"
To: [EMAIL PROTECTED]
Subject: telnet [7:1212]
Date: Thu, 19 Apr 2001 09:18:49 -0400
I want to allow this one network to be able to to telnet into my
Let me make my position clear. The best way to do this is through
TACACS+. AAA, does it ring a bell? TACACS+ will solve your problem and
more. Don't try to fix the problem with the bandage approach. Because
if you do, it will comeback and bite you in the future.
Just my .02 cents.
Sean
Before I begin mouthing off, if I am wrong, please correct me.
First of all, unless I am completely wrong, TACACS+ is Free; however,
Cisco Secure ACS is NOT. From what I understand, TACACS+ source code is
self-supported. TACACS+ code can be found at:
http://www.gazi.edu.tr/tacacs/
The source
simon,
go to www.3com.com and download the 3CDaemon software. It is fast,
small and sleek. It has tftp, ftp and syslog in the same program.
Sean
From: "[EMAIL PROTECTED]"
Reply-To: "[EMAIL PROTECTED]"
To: [EMAIL PROTECTED]
Subject: syslog service freeware [7:932]
Date: Tue, 17 Apr 2001
Hi everyone,
I took the Juniper exam yesterday and passed the exam with a score of
80% (the passing score is 80%). In restropect, I have to say that the
materials are really difficult, the questions are very tricky but fair.
One thing I like about Juniper is that the exam is that even though
Stephano,
I would be glad to help you or anyone who would like to setup and
configure a linux firewall. Furthermore, you are welcome to use
ipchains; however, the new linux kernel 2.4.2 supports netfilter (aka
iptables). The new kernel is very slick and fast. My suggestion is to
go with the
I would like to thank John for his valuable tip. I am also running
Redhat linux 7.0. The tftpd version that comes with Redhat 7 is 0.17-5.
I have to remove this version and put on version 0.15-1. TFTP works like
a charm. Thanks again John.
Regards,
Sean
PS. for those would like to know how
the latency issue.
PLEASE HELP.
From: "Sean Young" [EMAIL PROTECTED]
Reply-To: "Sean Young" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Implement Secure Shell (SSH) on Cisco 3640 router
Date: Wed, 04 Apr 2001 21:41:29 -0400
Hi everyone,
I've posted this question las
wly. But it should be possible to escalate --
if for no other reason that it's been an open ticket for a while.
Have you discussed it with your local Cisco office?
PLEASE HELP.
From: "Sean Young" [EMAIL PROTECTED]
Reply-To: "Sean Young" [EMAIL PROTECTED]
To: [EMAIL PROTECTE
You should have the following on your 2611 async line:
line 1 16
no exec
terminal-type vt100
transport input all
stopbits 1
flowcontrol hardware
that should do the trick.
From: "perryb" [EMAIL PROTECTED]
Reply-To: "perryb" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: 2611 and reverse
Hi everyone,
I've posted this question last week but never got a satisfactory response
so I will post it again; hopefully, I can get a better suggestion this
time.
I am running SSH on a Cisco 3640 router with IOS 12.1.7(T) version.
This router is used a an access server to control other Cisco
TED]
Reply-To: "Groupstudy.com" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: Secure telnet to your router using SSH
Date: Sun, 1 Apr 2001 15:15:07 -0400
Thanks, Sean,
PuTTY worked fine.
Ruihai
""Sean Young"" [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">
ink you left out some vital commands.
Router(config)# hostname hostname
Router(config)# ip domain-name domainname
Router(config)# crypto key generate rsa
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121
t/121t1/sshv1.htm#xtocid265436
Clayton Price
&
onfig)# ip domain-name domainname
Router(config)# crypto key generate rsa
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121
t/121t1/sshv1.htm#xtocid265436
Clayton Price
""Sean Young"" [EMAIL PROTECTED] wrote in message
[EMAI
The answer is a very easy one. You need to download Cisco IOS with
either DES or 3DES. Furthermore, you will need to do this:
line vty 0 4
transport input ssh
That will do the trick. If you want to be even more secure, implement
TACACS server instead of local account. By the way "transport
Hi Everyone,
I am using TACACS Server to Authenticate, Authorize and Account users on
the Network Access Server (Cisco Terminal Server). It is working great.
However, I would like to duplicate the same thing but I would like to
use RADIUS instead of TACACS. I am running free RADIUS on a SUN
Mr. Cheapskate,
TACACS and RADIUS have always been free. Go to these sites:
http://www.gazi.edu.tr/tacacs/
http://www.freeradius.org
TACACS is esasy to setup and configure. RADIUS is more powerful,
open-standard but a little more difficult to set up. F___ those bastards at
Cisco. They
g able to split
Authentication, Authorization and Accounting services, to setting privilege
exec levels, TACACS+ is far more "powerful" then RADIUS.
-Rizzo
-----Original Message-
From: Sean Young [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, March 28, 2001 12:21 PM
To: [EMAIL P
Rizzo,
My mistake. sorry about that. In a Cisco-centric environment, TACACS+
is definitely THE choice. I also agree is much easier to configure than
RADIUS.
Sean
From: Rizzo Damian [EMAIL PROTECTED]
Reply-To: Rizzo Damian [EMAIL PROTECTED]
To: "'Sean Young'" [EMAIL PROTECTED],
Hi everyone,
I have a story that wish to share with everyone. One of my friends
works for a company that uses Cisco PIX as the firewall. This afternoon,
he called and told me that the company firewall is experiencing a Denial
of Service (DOS) attack. The attack is so heavy that the PIX is just
Hi everyone,
I have a story that wish to share with everyone. One of my friends
works for a company that uses Cisco PIX as the firewall. This afternoon,
he called and told me that the company firewall is experiencing a Denial
of Service (DOS) attack. The attack is so heavy that the PIX is just
Hi everyone,
Is it just me or anyone in the group experiencing the same thing?
I've implemented SSH features on one of our ACCESS servers and I notice
that it is very slow. The access server is a Cisco 3640 with 128MB RAM.
I notice the performance is quited slow even on a Fast Ethernet LAN.
I
to set a vty
password. While not disabling the telnet server, it will prevent any
attempts to telnet to the router.
John
"Sean Young" [EMAIL PROTECTED] 3/27/01 7:58:37 AM
Hi everyone,
Is it just me or anyone in the group experiencing the same thing?
I've implemented SSH features o
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
CC: [EMAIL PROTECTED]
Subject: Re: Cisco router is running very slow when SSh is implmented
Date: Tue, 27 Mar 2001 11:04:33 -0500
Enter a "no login" under the vty config and that will disable telnet
authentication, effectively shutting off telnet
As far as disabling telnet, the only way I know of is not to set a vty
password. While not disabling the telnet server, it will prevent any
attempts to telnet to the router.
John
"Sean Young" [EMAIL PROTECTED] 3/27/01 7:58:37 AM
Hi everyone,
Is it just me or anyone
Curtis,
Thanks for the tip. However, I just figure out. The solution is:
line vty 0 4
transport input ssh
That effectively shut off telnet.
Sean
From: Curtis Call [EMAIL PROTECTED]
To: "Sean Young" [EMAIL PROTECTED]
CC: [EMAIL PROTECTED]
Subject: Re: Cisco router is running very
Vincent,
TACACS+ is much more robust and reliable than TACACS. Having said that,
robustness and reliability are in the eye of the beholders. I am running
TACACS+ (it's free by theway) on a Unix box and it is running very
smoothly. I wish I can say the same thing about TACACS+ on Microsoft
and netfilter
(aka iptables) on the Firewall. Your reason is based purely on FUD
(Fear, Uncertainty and Doubt).
Sean
From: "Allen May" [EMAIL PROTECTED]
To: "Sean Young" [EMAIL PROTECTED], [EMAIL PROTECTED],
[EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: Performance Compa
Sigh...inline comments
From: "Allen May" [EMAIL PROTECTED]
To: "Sean Young" [EMAIL PROTECTED], [EMAIL PROTECTED],
[EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: Performance Comparision between Linux OS Firewall and Cisco
PIX 525
Date: Mon, 26 Mar 2001 14:55:57
Ken,
Thank you very much for the advice. This past Friday, my company has
decided to use Linux as our company Firewall. Furthermore, we've decided
that this Firewall will be running kernel 2.4.2 with only two services
running on it, SSH and netfilter (aka iptables). I've tested kernel
2.4.2 in
Doesn't Cisco realize that telnet is a security risk on Cisco devices
especially for us who often has to telnet to the router remotely to
fix/troubleshoot problems? Because username and password are traveling
across the Internet in CLEAR TEXT, the risk is too great. I work for
a company that
Hi Everyone,
My company is putting me in charge in implementing a Firewall for our
company. One guy in my networking group is recommending PIX Firewall.
Furthermore, he also recommends a Cisco Web-caching engine. His reason
is that not only Cisco is good Firewall but it also provides VPN
OK, since I have been flooded with requests for TACACS installation
and configuration, I will need sometime to come up with a decent
documentation for everyone. I would like to see everyone benefit from this
experience because of the lack of documentation and the pain that I
have to go through.
Hi Everyone,
I am researching on information TACACS server running on Linux platform.
Currently my company is running several TACACS servers on a Sun Solaris
8 platforms. As you can imagine, the support cost is very expensive
in regarding to both hardware, software and technical services.
I have a tacacs+ accounting file generated by a tacacs server that needs
to be presented to management in a nice and readable format. Does anyone
have a perl script or any tools to make this happen? Thanks.
Sean
_
Get your FREE
I've posted this problem but didn't get much response. I really
need help on this problem. I need help in configuring both the TACACS+
server and the Network Access Server (NAS). I am currently running the
TACACS+ server on Linux RedHat 7 with kernel 2.4.2. I am running the
NAS on a cisco
Hi everyone,
I need help in configuring both the TACACS+ server and the Network
Access Server (NAS). I am currently running the TACACS+ server on
Linux RedHat 7 with kernel 2.4.2. I am running the NAS on a cisco 2610
router with IOS 12.0.15 Enterprise plus with ipsec capability. I am running
Hi everyone,
I need help in configuring both the TACACS+ server and the Network
Access Server (NAS). I am currently running the TACACS+ server on
Linux RedHat 7 with kernel 2.4.2. I am running the NAS on a cisco 2610
router with IOS 12.0.15 Enterprise plus with ipsec capability. I am running
95 matches
Mail list logo