This article describes how to enhance the security of a Cisco router by using a Nipper. So how should we use it? The following article gives you a detailed answer.
How do I use a Nipper?
Since Nipper supports so many devices and is also known to support a wide range of multi-functional options, it is impossible for me to present them in all aspects. However, we can make a basic demonstration. In our example
Cisco held a network lecture entitled "define your router with 256 or fewer bytes". The subject of this lecture is: "the accuracy and performance improvement of network security products forces hackers to successfully launch attacks in the first 256 bytes of the Code, so that they can easily intrude into the network without being noticed ". As a result, Cisco dev
4tppa55w0rdRouter#copy startup-config ftp:
9. Upgrade and patch IOS software in a timely manner.
Ii. vro Network Service Security Configuration
1. disable CDP (Cisco Discovery Protocol ). For example:Router (Config) # no cdp runRouter (Config-if) # no cdp enable2. Disable other TCP and UDP Small services.Router (Config) # no service tcp-small-serversRouter (Config) # no service udp-samll-ser
I. vro Network Service Security Configuration1. disable CDP (Cisco Discovery Protocol ). For example:Router (Config) # no cdp runRouter (Config-if) # no cdp enable2. Disable other TCP and UDP Small services.Router (Config) # no service tcp-small-serversRouter (Config) # no service udp-samll-servers3. Disable the Finger service.Router (Config) # no ip fingerRouter (Config) # no service finger4. We recommend
Release date:Updated on: 2012-05-10
Affected Systems:Cisco Secure ACS 5.xDescription:--------------------------------------------------------------------------------Bugtraq id: 53436Cve id: CVE-2011-3293, CVE-2011-3317
Cisco Secure ACS is a central RADIUS and TACACS + server that integrates user authentication, user and administrator device access control, and policy control into a centralized unified network solution.
Security management for Cisco routers includes creating passwords to secure access to Cisco routers, and using the correct access table to manage acceptable data streams through Cisco routers.
1. Password Management
The following command sets the password for controlling access from the terminal.
Command operation resu
. Upgrade and patch IOS software in a timely manner.Ii. vro Network Service Security Configuration1. disable CDP (Cisco Discovery Protocol ). For example:Router (Config) # no cdp runRouter (Config-if) # no cdp enable2. Disable other TCP and UDP Small services.Router (Config) # no service tcp-small-serversRouter (Config) # no service udp-samll-servers3. Disable the Finger service.Router (Config) # no ip fing
Essential security commands for CISCO router initialization 1. Security Settings for vro Access Control 1. Strict control over the administrator who can access the vro. Record Filing is required for all maintenance tasks. Www.2cto.com 2. do not access the vro remotely. Even if you need to access the vro remotely, we recommend that you use the access control list
Many network administrators ignore security settings when they first use a Cisco router. This article describes how to configure network security when using a Cisco router.
1. Security Configuration of the "Access Control" of the vro
1. strictly control the administrator who
We have explained a lot about the configurations of CISCO switches. Here we will mainly explain the port security configurations of CISCO 3550 switches. Scenario: There is a CISCO3550 switch in a certain unit. For the sake of network security, the security requirements for s
Improving system security involves many aspects, one of the important steps is to turn off unnecessary services. Although Microsoft Windows XP is not a network operating system, the default is that many of its services are open. For a sober Microsoft user, shutting down some unwanted services is an important aspect of security.
Of course, each version of Windows offers a different service, so services that
password, and if two passwords are used together,Enable password will not work unless the password for enable secret is valid. The Setup method is as follows:123321Configure the console password and some auxiliary commands:Router#config ter (enter global mode) Router (config)#lineConsole 0 (Enter the configuration control port mode, at which time the command is only valid for console 0)Router (config-Line ) #login (log in thread) Router (config-line) #password123(Set password) Router (config-li
not encrypted during network transmission, strict control is required. For example, set a strong password, control the number of concurrent connections, strictly control the access address using the access list, and set user access control using AAA.8. We recommend that you use FTP instead of TFTP for iOS upgrade and backup and configuration file backup. For example:Router (config) # ip ftp Username blushinRouter (config) # ip ftp password 4tppa55w0rdRouter # copy startup-config ftp:9. Upgrade
Release date:Updated on:
Affected Systems:Cisco Web Security application Description:--------------------------------------------------------------------------------Bugtraq id: 66565CVE (CAN) ID: CVE-2014-2137Cisco Web Security Appliance is a secure Web gateway that integrates Malware Protection, visual application control, and policy control on a single platform.The implementation of
we are using Console connect the router and the computer, start the router and use the Putty connect to the router's console ( Console ), it is recommended that you first configure the hostname of the router ( hostname ) To facilitate identification, configure the privileged mode ( Enable ) Password and vty ( telnet ) password to protect the router. Cisco the privileged mode password of the router is divided into plaintext password and encrypted passw
Release date:Updated on:
Affected Systems:Cisco Linksys EA2700Description:--------------------------------------------------------------------------------Bugtraq id: 59054The Cisco Linksys EA2700 is a smart Wi-Fi router.Cisco Linksys EA2700 (firmware version 1.0.12.128947) has multiple security vulnerabilities. Malicious users can exploit this vulnerability to execute cross-site scripting and request forger
The security of Unix operating systems is well known. However, if you want to say where the Unix system is secure, it is estimated that no one can say why.
1. Different users have different permissions for the same command.
The Date command is a common command in Unix systems. It displays the Date and time of the system. However, different user roles have differe
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.