By Thomas Akin

As a community administrator, auditor or architect, you recognize the significance of securing your community and discovering safeguard ideas you could enforce fast. This succinct booklet departs from different safeguard literature by way of focusing solely on how one can safe Cisco routers, instead of the complete community. The rational is easy: If the router retaining a community is uncovered to hackers, then so is the community in the back of it. Hardening Cisco Routers is a reference for safeguarding the protectors. integrated are the next themes: the significance of router safeguard and the place routers healthy into an total defense plan diversified router configurations for numerous models of Cisco?s IOS regular how one can entry a Cisco router and the protection implications of every Password and privilege degrees in Cisco routers Authentication, Authorization, and Accounting (AAA) regulate Router caution banner use (as instructed via the FBI) pointless protocols and providers as a rule run on Cisco routers SNMP safety Anti-spoofing Protocol safeguard for RIP, OSPF, EIGRP, NTP, and BGP Logging violations Incident reaction actual safeguard Written through Thomas Akin, an skilled qualified info structures defense specialist (CISSP) and authorized Cisco educational teacher (CCAI), the publication is definitely geared up, emphasizing practicality and a hands-on process. on the finish of every bankruptcy, Akin contains a record that summarizes the hardening innovations mentioned within the bankruptcy. The Checklists assist you double-check the configurations you've been suggested to make, and function quickly references for destiny defense methods. Concise and to the purpose, Hardening Cisco Routers offers you with all of the instruments essential to flip a possible vulnerability right into a energy. In a space that's in a different way poorly documented, this is often the single ebook that can assist you make your Cisco routers rock strong.

Show description

Read or Download Hardening Cisco Routers (O'Reilly Networking) PDF

Best security & encryption books

Internet and Wireless Security

Many companies are remodeling their companies during the improvement of knowledge and communications applied sciences. the safety of this e-commerce is now a key enabler for companies and this ebook provides an outline of present and destiny infrastructures for e-business together with XML safety mechanisms and subsequent new release Public Key Infrastructures (PKI), in addition to electronic archiving and instant safeguard that is set to be a massive progress zone with the total rollout of 3G cellular networks.

CompTIA Security+ SYO-201 Cert Guide

CompTIA® safeguard+ SY0-201 Cert advisor   David L. Prowse   DVD beneficial properties whole perform examination   grasp each subject on CompTIA’s new safety+ SY0-201 examination. determine your wisdom and concentration your studying. Get the sensible place of work wisdom you would like!   Start-to-finish protection+ SY0-201 instruction from desktop defense advisor, safeguard+ coach, and writer David L.

PKI Uncovered: Certificate-Based Security Solutions for Next-Generation Networks (Networking Technology: Security)

The single whole advisor to designing, enforcing, and helping state of the art certificate-based id recommendations with PKI   Layered process is designed to assist readers with extensively assorted backgrounds fast research what they should understand Covers the complete PKI undertaking lifecycle, making advanced PKI architectures easy to appreciate and install Brings jointly idea and perform, together with on-the-ground implementers' wisdom, insights, top practices, layout offerings, and troubleshooting information    PKI exposed brings jointly the entire suggestions IT and safety execs have to observe PKI in any setting, irrespective of how advanced or subtle.

CompTIA Cybersecurity Analyst (CSA+) Study Guide: Exam CS0-001

Arrange your self for the most recent CompTIA certification The CompTIA Cybersecurity Analyst+ (CSA+) research consultant presents a hundred% insurance of all examination goals for the hot CSA+ certification. The CSA+ certification validates a candidate's abilities to configure and use possibility detection instruments, practice facts research, establish vulnerabilities with a objective of securing and keeping firms platforms.

Additional resources for Hardening Cisco Routers (O'Reilly Networking)

Example text

Enable AAA with aaa new-model. 2. Make the default AAA authentication method local using the aaa authentication command. 3. Apply the default AAA authentication method to each line: Router#config terminal Enter configuration commands, one per line. End with CNTL/Z.

All rights reserved. 23747 Page 43 Friday, February 15, 2002 2:53 PM Chapter 5 CHAPTER 5 AAA Access Control AAA stands for authentication, authorization, accounting. This chapter will cover the authentication and authorization aspects of AAA, leaving the accounting details for Chapter 11. AAA access control provides much greater scalability and functionality than the basic access control methods discussed in Chapter 3. AAA can use local router configuration, TACACS+, RADIUS, and Kerberos for authentication and can utilize a TACACS+ or RADIUS for authorization.

There is a solution to this as well. You can modify the preceding technique to help you remember different passwords for every system. For example, take the password used previously, ilcic4l, and modify it for each system that you access. First come up with a formula. A simple one would be to take the first letter of the system name you are connecting to and replace the first letter of the password with that letter. Then do the same for the last letter. If connecting to a system called Router1, the password for that system would be Rlcic41.

Download PDF sample

Rated 4.73 of 5 – based on 25 votes