On Fri, Apr 28, 2000 at 09:06:16PM -0700, Bora Akyol wrote:
I don't think so.
There is even a port of ssh to the Palm Pilot.
In this day and age, I think that saying that encryption is expensive is a myth.
Even if it were, I think the security that it buys you is well worth it.
Also, most new(er) and high end routers out there should have more than enough processing power to handle ssh, no? I know ours does.
But this is really a minor part of the issue, IMO. You have to SSH in from somewhere... Are your NOC machines patched and secure? Does anyone log in to these machines from home or the NANOG terminal room? Are _all_ of those machines secure, not just _your_ machine(s)? Are you positive the people watching your network when you are at home sleeping haven't done anything dumb (e.g. run an exploitable irc client) from their own machines or the "trusted" NOC machines? Are you sure your personnel don't use the same password for TACACS that they use for their favorite MUD? I suspect it is more likely that the latest cracker weenie gained access to a unix box in a key location rather than gaining some sort of physical access to sniff passwords over the line. Austin