Monday, January 25, 2016

CHECK IT OUT : TACACS+ authentication server

IT LOOKS PRETTY EASY, BUT IS IT?

welcome back to war!

"Information in passports is protected by the Basic Access Control protocol, the standard can be found here. In order to read from the passport you need certain pieces of information; the passport number, the D.O.B and the date of expiry.
NFC TagInfo is quite a nice app that can read passports amongst other things, make sure you enter the correct information before attempting the read though. It can take a few seconds to read due to the amount of information being transferred.
In the USA there are foil covers over the passport which prevent the NFC working without the passport being open however with my UK passport I can read it just fine when it's closed."

because this is not the way it looks EASY  : 

"Third party software usage for key distribution If you have OpenView, Nagios or similar monitoring system installed you can use their capabilities to distribute the key.
You can use xargs submitting to it list of servers and using scp command to distribute the files. Parallel is a Perl script written by Ole Tange that extends and improves capabilities of xargs that can optimize this operation creating multiple threads, one for each server. To transfer file to remote computer you can use option --transfer:
Especially convenient are parallel command execution packages. Among the latter we can mention pdsh -- a variant of the rsh(1) command. ROMs are available from Fedora EPEL (pdsh-2.26-4.el6.x86_64.rpm CentOS 6 Download), and SourceForge.net. Unlike rsh(1), which runs commands on a single remote host, pdsh can run multiple remote commands in parallel. pdsh uses a "sliding window" (or fanout) of threads to conserve resources on the initiating host while allowing some connections to time out. pdcp included in pdsh package

http://www.softpanorama.org/Net/Application_layer/SSH/passwordless_ssh_login.shtml#Third_party_software_usage_for_key_distribution_


 I Think I have an attack here Emoji smile 
To enable the TACACS+ password on the switch and specify authentication using the password provided in the ENABLE PASSWORD command is attempted if a TACACS+ server is not available, use the following commands:

awplus> enable
awplus# configure terminal
awplus(config)# aaa authentication enable default group tacacs local
To enable the TACACS+ password on the switch, use the following commands:
awplus> enable
awplus# configure terminal
awplus(config)# aaa authentication enable default group tacacs

No comments: