We were currently wrote up by our external auditors because we use telnet to access all of our routers. In some cases we use a filtered Telnet service...but that is not the normal practice. We are a fairly good size company with about 1000+ routers.
I am charged with coordinating a response to the auditors. I know all of the security issues involved with Telnet...ie login id and password sent across the network in clear text, etc. My question: Is it possible to use SSH or CISCO TACACS+ to encrypt the entire Telnet session? Is there a way to ensure no one can sniff the login id and password? The Network Services Group is adamant that neither SSH or CISCO TACACS+ will work on a router to correct the security issue.
Tony CIA,CISA,CDP,MBA
Security and Audit Services
Nations Banking & Trust
PS: I have been playing phone tag with the auditor that wrote us up...to see what they recommend...have not reached him yet.
_________________________________________________________________
Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail
- Re: Telnet Security Question for a Router. Tony Toni
- Re: Telnet Security Question for a Router. kawaii
- Re: Telnet Security Question for a Router. Jeremy Anderson
- Re: Telnet Security Question for a Router. Jill Tovey
- Re: Telnet Security Question for a Router. Charley Hamilton
- Re: Telnet Security Question for a Router. Mark Maher
- RE: Telnet Security Question for a Router. Tim Donahue
- Re: Telnet Security Question for a Router. Eric Schroeder
- FW: Telnet Security Question for a Router. Stephen Wilcox
- Re: Telnet Security Question for a Router. Chris Berry
- RE: Telnet Security Question for a Router. Stephen Wilcox
