By Thomas Akin
As a community administrator, auditor or architect, you recognize the significance of securing your community and discovering safeguard strategies you could enforce speedy. This succinct booklet departs from different safeguard literature by way of focusing completely on how you can safe Cisco routers, instead of the full community. The rational is easy: If the router conserving a community is uncovered to hackers, then so is the community in the back of it. Hardening Cisco Routers is a reference for safeguarding the protectors. incorporated are the subsequent themes: the significance of router defense and the place routers healthy into an total defense plan varied router configurations for varied models of Cisco?s IOS normal how you can entry a Cisco router and the safety implications of every Password and privilege degrees in Cisco routers Authentication, Authorization, and Accounting (AAA) keep watch over Router caution banner use (as advised through the FBI) pointless protocols and prone mostly run on Cisco routers SNMP safeguard Anti-spoofing Protocol safety for RIP, OSPF, EIGRP, NTP, and BGP Logging violations Incident reaction actual safety Written through Thomas Akin, an skilled qualified details structures protection expert (CISSP) and authorized Cisco educational teacher (CCAI), the booklet is definitely prepared, emphasizing practicality and a hands-on procedure. on the finish of every bankruptcy, Akin incorporates a record that summarizes the hardening strategies mentioned within the bankruptcy. The Checklists assist you double-check the configurations you've been steered to make, and function speedy references for destiny safety strategies. Concise and to the purpose, Hardening Cisco Routers offers you with all of the instruments essential to flip a possible vulnerability right into a energy. In a space that's differently poorly documented, this can be the only publication to help you make your Cisco routers rock sturdy.
Read or Download Hardening Cisco Routers (O'Reilly Networking) PDF
Best security & encryption books
A part of the ExamWise to CIW Certification sequence, this new Self support and Interactive examination research reduction is now on hand for candidate's getting ready to take a seat the CIW 1D0-460 Internetworking expert examination. The ebook covers the knowledge linked to all of the examination subject matters intimately and comprises details present in no different publication.
Over contemporary years, the quantity of cellular gear that should be attached to company networks remotely (smartphones, laptops, and so forth. ) has elevated speedily. cutting edge improvement views and new developments resembling BYOD (bring your personal machine) are exposing enterprise details platforms greater than ever to numerous compromising threats.
"Draft advent to machine Networking and Cybersecurity To the coed it really is tough to overstate the significance of laptop networks and community safeguard in cutting-edge global. they've got develop into such an essential component of our life that just a moment's mirrored image is needed to delineate the numerous ways that they impression primarily each point of our lives.
"Providing an summary of certification and accreditation, the second one variation of this formally sanctioned consultant demonstrates the practicality and effectiveness of C & A as a hazard administration technique for IT structures in private and non-private enterprises. It permits readers to record the prestige in their safety controls and easy methods to safe IT platforms through normal, repeatable procedures.
- PCI Compliance
- Security and Privacy in Internet of Things (IoTs): Models, Algorithms, and Implementations
- Non-commutative cryptography and complexity of group-theoretic problems
Additional info for Hardening Cisco Routers (O'Reilly Networking)
However, the enable password level command is provided for backward compatibility and should not be used. Line Privilege Levels Lines (CON, AUX, VTY) default to level 1 privileges. This can be changed using the privilege level command under each line. To change the default privilege level of the AUX port, you would type the following: Router#config terminal Enter configuration commands, one per line. Router(config)#line aux 0 Router(config-line)#privilege level 4 Router(config-line)#^Z Router# End with CNTL/Z.
Set the privileged-level (level 15) password with the enable secret command and not with the enable password command. Password Checklist | This is the Title of the Book, eMatter Edition Copyright © 2002 O’Reilly & Associates, Inc. All rights reserved. 23611 Page 42 Friday, February 15, 2002 2:53 PM • Make sure all passwords are strong passwords that are not based on English or foreign words. • Make sure each router has different enable and user passwords. • Keep backup configuration files encrypted on a secure server.
Set the exec-timeout on all VTYs to five minutes or less. • Enable the global command service tcp-keepalives-in. • Disable HTTP access to the router. • If HTTP access must be used: — Limit its use to secure networks. — Only use it over IPSec. — Restrict access with ACLs to a few secured IPs. — Change the HTTP authentication method from the default enable password. Basic Access Control Security Checklist This is the Title of the Book, eMatter Edition Copyright © 2002 O’Reilly & Associates, Inc.