https://community.cisco.com/t5/network-access-control/cisco-secure-acs-compromised/m-p/403127#M429206 <P>Is anyone aware of any instances where Cisco Secure has been compromised to reveal TACACS+ user IDs/passwords?</P><P></P><P>This question stems from the issue of whether ACS servers should be added to an existing Windows domain or to a totally seperate domain of their own. If the existing domain is compromised so that someone now has Domain Admin rights on the ACS servers (but not an ACS admin ID), could this lead to them somehow cracking TACACS+ passwords or creating their own ID?</P><P></P><P>Are there any Proof-Of-Concepts out there?</P> Sun, 10 Mar 2019 21:08:10 GMT 6aganguly 2019-03-10T21:08:10Z https://community.cisco.com/t5/network-access-control/cisco-secure-acs-compromised/m-p/403127#M429206 <P>Is anyone aware of any instances where Cisco Secure has been compromised to reveal TACACS+ user IDs/passwords?</P><P></P><P>This question stems from the issue of whether ACS servers should be added to an existing Windows domain or to a totally seperate domain of their own. If the existing domain is compromised so that someone now has Domain Admin rights on the ACS servers (but not an ACS admin ID), could this lead to them somehow cracking TACACS+ passwords or creating their own ID?</P><P></P><P>Are there any Proof-Of-Concepts out there?</P> Sun, 10 Mar 2019 21:08:10 GMT https://community.cisco.com/t5/network-access-control/cisco-secure-acs-compromised/m-p/403127#M429206 6aganguly 2019-03-10T21:08:10Z https://community.cisco.com/t5/network-access-control/cisco-secure-acs-compromised/m-p/403128#M429209 <HTML><HEAD></HEAD><BODY><P>ACS server can be told to authenticate against the domain that it is a member of and any domains that are trusted by that domain. </P></BODY></HTML> Fri, 06 May 2005 14:06:20 GMT https://community.cisco.com/t5/network-access-control/cisco-secure-acs-compromised/m-p/403128#M429209 didyap 2005-05-06T14:06:20Z