(PM) !root password (fwd)

MegaZone (megazone@livingston.com)
Thu, 5 Feb 1998 17:32:15 -0800 (PST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: MegaZone: "RE: (PM) Livingston multi-homed? (fwd)"
Previous message: Marcus Vogt: "Re: (PM) PM3 PRI Questions"

Once upon a time qcislands net gated newsgroup feed shaped the electrons to say...
>I changed it, AND I did a save all, AND I logged back in right away
>with the new password to confirm that it WAS changed.
>
>Now I find that my new password doesn't work. This leads me to suspect

Try the old one. It could be possible that it didn't save and maybe it
rebooted and reverted.

>telnet into it. So my question is, could someone have made a backdoor
>into the router OUTSIDE of the !root? AND have been able to change my
>!root access as well? If this is so, then it makes my knees knock.

RADIUS can also authenticate Admin logins, which are not '!root' but have
ALL the same permissions as !root. So if they have access to you RADIUS
server then can add admin accounts at a whim. After all, they *shouldn't*
access the RADIUS server.

-MZ

--
Lucent Remote Access Division - Chair, Department of Interstitial Affairs
Phone: 800-458-9966 510-737-2100 FAX: 510-737-2110 megazone@livingston.com
For support requests: support@livingston.com  <http://www.livingston.com/> 
Snail mail: 4464 Willow Road, Pleasanton, CA 94588
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.

Next message: MegaZone: "RE: (PM) Livingston multi-homed? (fwd)"
Previous message: Marcus Vogt: "Re: (PM) PM3 PRI Questions"