Firewalls: Re: Cisco PIX Firewall -- comments?

Firewalls
(November 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Cisco PIX Firewall -- comments?
From:	David Lang <dlang @ diginsite . com>
Date:	Wed, 26 Nov 1997 08:38:29 -0800 (Pacific Standard Time)
To:	"R. Todd Truitt" <ttruitt @ cisco . com>
Cc:	Ryan Russell <ryanr @ sybase . com>, banz @ membrain . com, firewalls @ GreatCircle . COM
In-reply-to:	<3 . 0 . 3 . 32 . 19971126014233 . 00a61cf0 @ diablo . cisco . com>


On Wed, 26 Nov 1997, R. Todd Truitt wrote:

> At 06:27 PM 11/21/97 -0800, David Lang wrote:
> >If I was telnetting in you would be correct, however I am just using the
> >serial console so there is no possibility of snooping. On other firewalls
> >there is the possibility of using a one-time password of some sort, PIX
> >does not support this.
> >
> 
> David--
> 
> Actually, the PIX supports a variety of OTP solutions via RADIUS and
> TACACS+.  I would use TACACS+ as this provides enhanced security.
> 
> --T

radius and tacacs+ can be used for authenticating ftp and telnet sessions
but not for http (according to the PIX manual) this still does not apply
to the passwords for the PIX itself.

David Lang

References:

Re: Cisco PIX Firewall -- comments?
From: "R. Todd Truitt" <ttruitt @ cisco . com>

Indexed By Date	Previous:	Re: Cisco PIX Firewall -- comments? From: David Lang <dlang @ diginsite . com>
Indexed By Date	Next:	Re: freeware SSH for WIn95/NT From: Peter da Silva <peter @ baileynm . com>
Indexed By Thread	Previous:	Re: Cisco PIX Firewall -- comments? From: "R. Todd Truitt" <ttruitt @ cisco . com>
Indexed By Thread	Next:	Re: Cisco PIX Firewall -- comments? From: Woody Weaver <woody @ wiltelnsi . com>