By Thomas Akin

As a community administrator, auditor or architect, you recognize the significance of securing your community and discovering safeguard options you could enforce quick. This succinct ebook departs from different defense literature by way of focusing completely on how one can safe Cisco routers, instead of the whole community. The rational is straightforward: If the router keeping a community is uncovered to hackers, then so is the community at the back of it. Hardening Cisco Routers is a reference for shielding the protectors. incorporated are the subsequent themes: the significance of router safeguard and the place routers healthy into an total defense plan diverse router configurations for numerous types of Cisco's Ios regular how you can entry a Cisco router and the safety implications of every Password and privilege degrees in Cisco routers Authentication, Authorization, and Accounting (Aaa) keep watch over Router caution banner use (as steered via the Fbi) pointless protocols and companies often run on Cisco routers Snmp defense Anti-spoofing Protocol protection for Rip, Ospf, Eigrp, Ntp, and Bgp Logging violations Incident reaction actual safeguard Written through Thomas Akin, an skilled qualified info structures safety specialist (Cissp) and licensed Cisco educational teacher (Ccai), the e-book is easily geared up, emphasizing practicality and a hands-on procedure. on the finish of every bankruptcy, Akin features a list that summarizes the hardening thoughts mentioned within the bankruptcy. The Checklists assist you double-check the configurations you've been recommended to make, and function fast references for destiny safeguard procedures.Concise and to the purpose, Hardening Cisco Routers provides you with the entire instruments essential to flip a possible vulnerability right into a energy. In a space that's differently poorly documented, this can be the only ebook to help you make your Cisco routers rock strong

Show description

Read or Download Hardening Cisco Routers PDF

Best security & encryption books

Internet and Wireless Security

Many enterprises are remodeling their companies during the improvement of knowledge and communications applied sciences. the safety of this e-commerce is now a key enabler for companies and this ebook offers an outline of present and destiny infrastructures for e-business together with XML safety mechanisms and subsequent iteration Public Key Infrastructures (PKI), in addition to electronic archiving and instant protection that's set to be a big progress zone with the total rollout of 3G cellular networks.

CompTIA Security+ SYO-201 Cert Guide

CompTIA® safeguard+ SY0-201 Cert advisor   David L. Prowse   DVD beneficial properties whole perform examination   grasp each subject on CompTIA’s new safeguard+ SY0-201 examination. verify your wisdom and concentration your studying. Get the sensible office wisdom you would like!   Start-to-finish safeguard+ SY0-201 practise from laptop safety advisor, defense+ coach, and writer David L.

PKI Uncovered: Certificate-Based Security Solutions for Next-Generation Networks (Networking Technology: Security)

The single whole advisor to designing, imposing, and assisting state of the art certificate-based identification suggestions with PKI   Layered method is designed to assist readers with broadly diversified backgrounds fast study what they should recognize Covers the complete PKI undertaking lifecycle, making complicated PKI architectures basic to appreciate and set up Brings jointly conception and perform, together with on-the-ground implementers' wisdom, insights, most sensible practices, layout offerings, and troubleshooting information    PKI exposed brings jointly the entire strategies IT and safety execs have to observe PKI in any atmosphere, regardless of how complicated or subtle.

CompTIA Cybersecurity Analyst (CSA+) Study Guide: Exam CS0-001

Arrange your self for the latest CompTIA certification The CompTIA Cybersecurity Analyst+ (CSA+) learn advisor offers a hundred% insurance of all examination targets for the recent CSA+ certification. The CSA+ certification validates a candidate's abilities to configure and use possibility detection instruments, practice info research, determine vulnerabilities with a objective of securing and preserving corporations structures.

Additional resources for Hardening Cisco Routers

Sample text

Take the second letter of each word instead of the first. Change every e to a 3, every a to an @, or every t to a +. Add numbers to the beginning or the end of the password—whatever you can think of. Finally, another key to creating strong passwords is using a different password on each system. That way, if someone guesses or steals one of your password, they can’t use that password to access every system you have an account on. Now there is a problem of remembering a different password for every system you access.

After four hours, the password cracker has guessed the next three passwords as well. Any password based on a word—English or foreign—is vulnerable to brute force attacks. The last password looks random and was still not cracked when the password cracker stopped running three days later. The problem is remembering a password like this one. See the upcoming sidebar, “Choosing and Remembering Strong Passwords” for tips on choosing an appropriate password. Keeping Configuration Files Secure Except for the enable secret password, all passwords stored on Cisco routers are weakly encrypted.

If your routers and management stations all support IPSec, you can create a VPN between the router and management stations, encrypting all traffic sent between the two. A full tutorial on IPSec and VPNs is out of the scope of this book, but a brief overview on how to configure your router for an IPSec VPN to the management station follows. 10. Also, this example uses preshared keys (a password manually configured on both sides). Advanced VPN solutions can use key management systems instead of statically configured keys.

Download PDF sample

Rated 4.86 of 5 – based on 6 votes