Presentation is loading. Please wait.

Presentation is loading. Please wait.

Understanding Cisco Router Security

Published byGuido Acker Modified over 6 years ago

Similar presentations

Presentation on theme: "Understanding Cisco Router Security"— Presentation transcript:

1 Understanding Cisco Router Security
LAN Connections

2 Common Threats to Physical Installations
Hardware threats Environmental threats Electrical threats Maintenance threats

3 Configuring a Router Password
Layer 2 of 2 Emphasize: The router has one enable password. Remember that this is your only protection. Whoever owns this password can do anything with the router, so be careful about communicating this password to others. To provide an additional layer of security, particularly for passwords that cross the network or are stored on a TFTP server, you can use either the enable password or enable secret commands. Both commands accomplish the same thing; that is, they allow you to establish an encrypted password that users must enter to access enable mode (the default), or any privilege level you specify. Cisco recommends that you use the enable secret command because it uses an improved encryption algorithm. Use the enable password command only if you boot an older image of the Cisco IOS software, or if you boot older boot ROMs that do not recognize the enable secret command. If you configure the enable secret password, it is used instead of the enable password, not in addition to it. Cisco supports password encryption. Turn on password encryption using the service password-encryption command. Then enter the desired passwords for encryption. Immediately, on the next line, enter the no service password-encryption command. Only those passwords that are set between the two commands will be encrypted. If you enter service password-encryption and then press Ctrl-Z to exit, all passwords will be encrypted. Note: Password recovery is not covered in the course materials. Refer the students to the IMCR class.

4 Configuring the Login Banner
Defines and enables a customized banner to be displayed before the username and password login prompts RouterX# banner login " Access for authorized users only. Please enter your username and password. "

5 Telnet vs. SSH Access Telnet Most common access method Insecure SSH
Encrypted IP domain must be defined key must be generated !--- The username command create the username and password for the SSH session username cisco password 0 cisco ip domain-name mydomain.com crypto key generate rsa ip ssh version 2 line vty 0 4 login local transport input ssh

6 Summary The first level of security is physical.
Passwords can be used to restrict access. The login banner can be used to display a message before the user is prompted for a username. Telnet sends the session traffic in cleartext; SSH encrypts the traffic.

7

Download ppt "Understanding Cisco Router Security"

Similar presentations

Router Configuration PJC CCNA Semester 2 Ver. 3.0 by William Kelly.

Router Configuration PJC CCNA Semester 2 Ver. 3.0 by William Kelly.
© 2003, Cisco Systems, Inc. All rights reserved..

© 2003, Cisco Systems, Inc. All rights reserved..
Managing Cisco IOS Software. Overview The router boot sequence Locating IOS software The configuration register Recovering Passwords Backing Up the Cisco.

Managing Cisco IOS Software. Overview The router boot sequence Locating IOS software The configuration register Recovering Passwords Backing Up the Cisco.
1 Passwords and Banners Cisco Devices Packet Tracer.

1 Passwords and Banners Cisco Devices Packet Tracer.
1 CCNA 2 v3.1 Module 3. 2 CCNA 2 Module 3 Configuring a Router.

1 CCNA 2 v3.1 Module 3. 2 CCNA 2 Module 3 Configuring a Router.
CCNA Guide to Cisco Networking Fundamentals Fourth Edition

CCNA Guide to Cisco Networking Fundamentals Fourth Edition
CCNA 2 v3.1 Module 2.

CCNA 2 v3.1 Module 2.
© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—7-1 Minimizing Service Loss and Data Theft Securing Network Services.

© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—7-1 Minimizing Service Loss and Data Theft Securing Network Services.
CCENT Review. Put the following descriptions in order from Layer 7 to Layer 1 and give the name of each layer.

CCENT Review. Put the following descriptions in order from Layer 7 to Layer 1 and give the name of each layer.
Privilege Levels Cisco IOS provides for 16 different privilege levels ranging from 0 to 15. Cisco IOS comes with 2 predefined user levels. User mode.

Privilege Levels Cisco IOS provides for 16 different privilege levels ranging from 0 to 15. Cisco IOS comes with 2 predefined user levels. User mode.
1 Semester 2 Module 2 Introduction to Routers Yuda college of business James Chen

1 Semester 2 Module 2 Introduction to Routers Yuda college of business James Chen
Router Hardening Nancy Grover, CISSP ISC2/ISSA Security Conference November 2004.

Router Hardening Nancy Grover, CISSP ISC2/ISSA Security Conference November 2004.
Routers A router is a computer Computers have four basic components:

Routers A router is a computer Computers have four basic components:
1 Semester 2 Module 3 Configuring a Router Yuda college of business James Chen

1 Semester 2 Module 3 Configuring a Router Yuda college of business James Chen
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
1 © 2004, Cisco Systems, Inc. All rights reserved. Chapter 6 Configuring a Router/ Learning About Other Devices/ Managing Cisco IOS Software.

1 © 2004, Cisco Systems, Inc. All rights reserved. Chapter 6 Configuring a Router/ Learning About Other Devices/ Managing Cisco IOS Software.
© 2007 Cisco Systems, Inc. All rights reserved.ICND1 v1.0—4-1 Module Summary  Cisco routers operate at Layer 3, and their function is path determination.

© 2007 Cisco Systems, Inc. All rights reserved.ICND1 v1.0—4-1 Module Summary  Cisco routers operate at Layer 3, and their function is path determination.
Chapter 6 Router Configuration Sem 2V2. Configuration files can come from the console NVRAM TFTP server. The router has several modes:  privileged mode.

Chapter 6 Router Configuration Sem 2V2. Configuration files can come from the console NVRAM TFTP server. The router has several modes:  privileged mode.
1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 2 Module 3 Configuring a Router.

1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 2 Module 3 Configuring a Router.
Cisco Routers Objectives –How to log into a Cisco router and determine basic settings. Contents –Differences in available methods of access. –Different.

Cisco Routers Objectives –How to log into a Cisco router and determine basic settings. Contents –Differences in available methods of access. –Different.

Similar presentations

Ads by Google