|
|
|
|
|
|
by oasisbob
4838 days ago
|
|
|
Define 'insecure locations'. Some orgs go to great lengths to segment access to their networking core and establish separation of privileges using AAA, etc. As well, configs can leak out through other means (TAC case, submission to auditors, etc). Someone who has access to config backups shouldn't be able to bootstrap their privileges by cracking passwords. In theory "audit our config backups, and fix them up" is a task you can assign to a junior network engineer with a limited account and a copy of RANCID. Role separation, defense in depth, and all that... |
|
|