Most web page access, odd-statistics gathering, and ease-of-use tools with which I am familiar use ^expect^ to implement such.
One such example would be MCI's "pollem", available at ftp://ftp.mci.net/outgoing/pollem "pollem" is a perl script that will log into a Cisco, pull a copy of the on-line config, and compare it with a previously pulled config (for things like network audits, etc). It can be changed to execute any command that the logged in user has privledge for. http://www.security.mci.net/dostrack ================================================================ Dale Drew MCI Telecommunications Sr. Manager internetMCI Security Engineering Voice: 703/715-7058 Internet: ddrew@mci.net Fax: 703/715-7066 MCIMAIL: Dale_Drew/644-3335 At 12:50 PM 10/25/97 -0400, Alan Hannan wrote:
It's my opinion first and foremost that you are not a moron.
Moreover, and keeping with the operational charter of the newsgroup, I would not recommend that folks enable r* commands on their cisco routers.
When automated access is required, automating access with stored passwords can be done quite handily.
While one must focus on protecting the sanctity of the stored passwords, one doesn't have to focus on the security of forged r* logins. Protecting something within a host, rather than a network segment, is probably simpler in this case than the converse.
$0.02.
Most web page access, odd-statistics gathering, and ease-of-use tools with which I am familiar use ^expect^ to implement such.
-alan
Quoting Alex Rubenstein (alex@nac.net):
I am a moron; I can't figure it out.
How do you make a cisco so that you can rsh into it (to use Mr. Kerns looking glass)?
TIA>