OK.
Dale Drew
ddrew at mci.net
Sat Oct 25 17:45:27 UTC 1997
> Most web page access, odd-statistics gathering, and ease-of-use
> tools with which I am familiar use ^expect^ to implement such.
One such example would be MCI's "pollem", available at
ftp://ftp.mci.net/outgoing/pollem
"pollem" is a perl script that will log into a Cisco, pull
a copy of the on-line config, and compare it with a previously
pulled config (for things like network audits, etc). It
can be changed to execute any command that the logged in user
has privledge for.
http://www.security.mci.net/dostrack
================================================================
Dale Drew MCI Telecommunications
Sr. Manager internetMCI Security
Engineering
Voice: 703/715-7058 Internet: ddrew at mci.net
Fax: 703/715-7066 MCIMAIL: Dale_Drew/644-3335
At 12:50 PM 10/25/97 -0400, Alan Hannan wrote:
>
> It's my opinion first and foremost that you are not a moron.
>
> Moreover, and keeping with the operational charter of the newsgroup, I
> would not recommend that folks enable r* commands on their cisco
> routers.
>
> When automated access is required, automating access with stored
> passwords can be done quite handily.
>
> While one must focus on protecting the sanctity of the stored
> passwords, one doesn't have to focus on the security of forged r*
> logins. Protecting something within a host, rather than a network
> segment, is probably simpler in this case than the converse.
>
> $0.02.
>
> Most web page access, odd-statistics gathering, and ease-of-use
> tools with which I am familiar use ^expect^ to implement such.
>
> -alan
>
>Quoting Alex Rubenstein (alex at nac.net):
>>
>> I am a moron; I can't figure it out.
>>
>> How do you make a cisco so that you can rsh into it (to use Mr. Kerns
>> looking glass)?
>>
>> TIA>
>>
>>
>
>
More information about the NANOG
mailing list