If you have physical access the the routers, you can't prevent password recovery as Cisco built it into the ROM. Also, anyone who can view the encrypted password can use a utility that will recover the encrypted password from the config or from sho run, etc. So, implement some real physical security and don't allow unauthorized personell access to the network devices as a start. There are also a number of documents on setting up RADIUS authentication, user roles, etc. that you should check out.
On Sat, 2002-03-30 at 10:09, Shafagh Zandi wrote: > > > Hi, Everybody > > I've many Cisco routers and I need to protect my Cisco devices, > especially implementing the "Physical Security". > I'm thinking about Cisco password recovery, and I need to prevent others > to do this task, > How can I disable password recovery? > > > Shafagh Zandi. > www.shafagh.net > >
