<div>
<div class="content wysiwyg-content">
Experts,<br />
<br />
In this scenario the client is running putty for the SSH client.<br />
He needs to authenticate to a Cisco router. <br />
The Cisco router is talking TACACS+ to the ACS server.<br />
<br />
If an attacker was able to successfully MITM the connection between the client and the router, would the client get any type of warning that the connection is untrusted? &nbsp; <br />
In the HTTP world, the user will get a warning in a form of a browser warning. <br />
If it the destination was an SSH server, the user will get also get a warning.<br />
I'm just not sure how they will get a warning if it was a Cisco device.
</div>
</div>


Experts,

In this scenario the client is running putty for the SSH client.
He needs to authenticate to a Cisco router. 
The Cisco router is talking TACACS+ to the ACS server.

If an attacker was able to successfully MITM the connection between the client and the router, would the client get any type of warning that the connection is untrusted?   
In the HTTP world, the user will get a warning in a form of a browser warning. 
If it the destination was an SSH server, the user will get also get a warning.
I'm just not sure how they will get a warning if it was a Cisco device.

MiTM SSH session on a Cisco device talking TACACS+

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.

Routers

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).

Cisco

Telnet is an application layer protocol used on the Internet or local area networks to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection. SSH was designed as a replacement for Telnet and for unsecured remote shell protocols. The term telnet is also used to refer to the software that implements the client part of the protocol. SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server.