Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!cis.ohio-state.edu!ucbvax!MATHOM.CISCO.COM!BILLW
From: BILLW@MATHOM.CISCO.COM (William Chops Westfield)
Newsgroups: comp.protocols.tcp-ip.ibmpc
Subject: Re: Undelivered mail
Message-ID: <12692712423.16.BILLW@mathom.cisco.com>
Date: 11 Jun 91 20:31:44 GMT
References: <ALBERTO.91Jun11081827@yamuna.cs.umd.edu>
Sender: daemon@ucbvax.BERKELEY.EDU
Distribution: world
Organization: The Internet
Lines: 28


    I think this is a very interesting issue. Here in Maryland they have
    similar concerns. Mostly with the fact that a dial-in person would get
    complete network access as a Maryland site, which can be a security
    risk. 

    Is there any accounting or login system for SLIP access?

Well, cisco terminal servers (current release) can require a user to
login (username/password) before they can turn SLIP on, another
authentication when they pick their address (hostname(address)/password),
and a final authentication when it actually gets turned on (and off).

Each is independent from the others, and the information provided is
sufficient to maintain a unix-style accounting file.

The next version of software will support access lists on each SLIP
line, contolling where they can send packets to, or receive them from.

PPP provides an authentication option within PPP, but I don't know that
anyone supports it.

SUN SLIP can require that you log in before it gets turned on, I think.


Bill Westfield
cisco Systems.
-------