Skip to main content

Yet another reason to add two-factor authentication to your admin accounts

(0 comments)

Seems like we just made the case for requiring two-factor authentication for Cisco Admins due to the SYNFul attack.  Now here's another one.

This attack only affects Cisco devices using RSA public keys for authentication.  But there is already a Metasploit module available for it

So, of course, there could also be a vuln in the Cisco Radius implementation, but this shows the risks inherent in setting up a separate identity management silo for your administrators.  It is better to have all of your identity management done in one place, your directory, with the appropriate escalation to two-factor authentication for privileged accounts or for riskier activities, such as remote access or for users that you trust less, such as vendors and other third parties.

The question you ask is "at what cost"?   Well, 2-factor authentication  is no longer limited to expensive RSA tokens.  Moreover, how many admins do you have?  Most companies have fewer than 5 so they would be covered by our free 2FA licenses

 

 

 

Currently unrated

Comments

There are currently no comments

New Comment

required

required (not published)

optional

Recent Posts

Archive

2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom