Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Question re Cisco auth and remote login best-practices

Paul Ferguson fergdawgster at mykolab.com
Sun Sep 22 22:38:47 PDT 2013


On 9/22/2013 10:32 PM, Bill Woodcock wrote:

>
> So, if we assume the worst, and figure we're just doing damage-control and minimizing a large problem, what are the best-practices to follow in configuring Cisco routers in remote locations?
>
> Generate max-length (4096-bit?) RSA keys on them, for the SSH sessions…
>
> Use remote auth to do command-by-command authorization, no level-15 logins?
>
> Run TACACs over IPsec?  Over something else?
>

Locally trusted human. :-)

- ferg



-- 
Paul Ferguson
Vice President, Threat Intelligence
Internet Identity, Tacoma, Washington  USA
IID --> "Connect and Collaborate" --> www.internetidentity.com



More information about the liberationtech mailing list