
Networked Systems security 17-12-10

Imran Hameed MK College 2010



Lab Activity
Step 1: Manage router security
Using the reference topology, apply the following commands to enable passwords on Cisco routers.
1- No Encryption: Using the enable password command or the username username password password command results in these passwords being displayed when looking at the running configuration.
R1(config)# username Student password cisco123
R1(config)# do show run
username Student password 0 cisco123
The 0 displayed in the running configuration indicates that the password is not hidden.
2- Encrypt Passwords: To encrypt passwords using type 7 encryption, use the service password-encryption global configuration command. This command prevents passwords that are displayed on the screen from being readable.
R1(config)# service password-encryption
R1(config)# do show run
username Student password 7 03075218050061
The 7 displayed in the running configuration indicates that the password is hidden.
To encrypt the passwords using type 5 encryption, use the enable secret command.
R1(config)# enable secret cisco
R1(config)# do show run
username Student secret 5 $1$z245$lVSTJzuYgdQDJiacwP2Tv/
3- Password minimum length enforcement: Cisco IOS Software Release 12.3(1) and later allow administrators to set the minimum character length for all router passwords using the security passwords min-length global configuration command.
R1(config)# security passwords min-length 10
R1(config)# end



Step 3: Vulnerable Router Services and Interfaces
Use the following commands to disable the vulnerable services on the routers.
Cisco Discovery Protocol (CDP) - Use the no cdp run command.
Source routing - Use the no ip source-route command.
Classless routing - Use the no ip classless command.
Small services such as echo, discard, and chargen - Use the no service tcp-small-servers or no service udp-small-servers command.
Finger - Use the no service finger command.
BOOTP - Use the no ip bootp server command.
HTTP - Use the no ip http server command.
Remote configuration - Use the no service config command.
SNMP - Use the no snmp-server command.
Use the following commands to further secure the interfaces:
Unused interfaces - Use the shutdown command.
Ad hoc routing - Use the no ip proxy-arp command.
No SMURF attacks - Use the no ip directed-broadcast command.

Note: After using each command, run the show running-config command to check whether each service is on or off.
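The check described in the note can be scripted. The following is an added example, not part of the original lab: it reads a saved running configuration and reports password lines stored as type 0 or type 7, plus any Step 1 and Step 3 global commands that do not appear. The function name audit, the finding labels and the sample configuration are assumptions made for illustration.

```python
import re

# Global hardening commands from Step 3 of the lab.
REQUIRED = [
    "no cdp run", "no ip source-route", "no ip classless",
    "no service tcp-small-servers", "no service udp-small-servers",
    "no service finger", "no ip bootp server", "no ip http server",
    "no service config", "no snmp-server",
]
# Type 0 is clear text and type 7 is a reversible encoding, so both count as weak.
WEAK_PW = re.compile(
    r"^(?:enable|username\s+(\S+)(?:\s+privilege\s+\d+)?)\s+password\s+(?:([07])\s+)?\S+")
MIN_LEN = re.compile(r"^security passwords min-length (\d+)$")

# Constructed sample config: user "Backup" is made up; the two encoded
# strings are the ones printed in the lab text.
SAMPLE = """\
service password-encryption
security passwords min-length 10
username Student secret 5 $1$z245$lVSTJzuYgdQDJiacwP2Tv/
username Backup password 7 03075218050061
no cdp run
no ip source-route
no ip http server
"""


def audit(running_config, min_length=10):
    """Return a list of findings for one 'show run' text."""
    lines = [ln.strip() for ln in running_config.splitlines() if ln.strip()]
    findings = []
    for ln in lines:
        m = WEAK_PW.match(ln)
        if m:  # a missing type digit means the password is stored in clear text
            findings.append(f"weak-password type {m.group(2) or '0'}: {m.group(1) or 'enable'}")
    if "service password-encryption" not in lines:
        findings.append("missing: service password-encryption")
    lengths = [int(m.group(1)) for m in map(MIN_LEN.match, lines) if m]
    if not lengths or lengths[-1] < min_length:
        findings.append(f"missing: security passwords min-length {min_length}")
    # Absence only means "not confirmed": some IOS releases hide default settings.
    findings += [f"not confirmed: {cmd}" for cmd in REQUIRED if cmd not in lines]
    return findings


if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

Interface-level commands (shutdown, no ip proxy-arp, no ip directed-broadcast) are not covered here, because they have to be checked per interface block.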
