Presentation is loading. Please wait.

Presentation is loading. Please wait.

Review - week 4 Basic device access security

Published byRiitta Mäki Modified over 5 years ago

Similar presentations

Presentation on theme: "Review - week 4 Basic device access security"— Presentation transcript:

1 Review - week 4 Basic device access security
Password protect con 0, vty 0 4, privileged exec Strong passwords Store encrypted Service password encryption Enable password Level 8 and 9

2 Review - week 4 Guarding against password attacks Login delay period
Login quiet period after bad attempts Exception for admins

3 Review - week 4 Access security Require username and password
Store in local database Line con 0 Login local Line vty 0 4 Use AAA method list Aaa new-model Aaa authentication login default local

4 Review - week 4 Additional remote access security Apply access list
Access-list 1 permit x.x.x.x Line vty 0 4 Access-class 1 in Require SSH Create crypto key crypto key generate rsa general-keys modulus 1024 Set domain name Ip domain-name cis46.com Transport input ssh

5 Set privilege levels privilege exec level 5 show
username admin5 privilege 5 secret cisco Use views A View contains a command or commands A superview contains one or more views

Download ppt "Review - week 4 Basic device access security"

Similar presentations

Cisco Device Hardening Disabling Unused Cisco Router Network Services and Interfaces.

Cisco Device Hardening Disabling Unused Cisco Router Network Services and Interfaces.
DMZ (De-Militarized Zone)

DMZ (De-Militarized Zone)
DMZ (De-Militarized Zone)

DMZ (De-Militarized Zone)
Securing the Router Chris Cunningham.

Securing the Router Chris Cunningham.
Radius based ssh authentication Location of Radius server – radius-server host 192.168.1.2 auth-port 1812 acct-port 1813 key WinRadius – The same config.

Radius based ssh authentication Location of Radius server – radius-server host auth-port 1812 acct-port 1813 key WinRadius – The same config.
(Remote Access Security) AAA. 2 Authentication User named flannery dials into an access server that is configured with CHAP. The access server will.

(Remote Access Security) AAA. 2 Authentication User named "flannery" dials into an access server that is configured with CHAP. The access server will.
S6C12 - AAA AAA Facts. AAA Defined Authentication, Authorization, and Accounting Central Management of AAA –Information in a single, centralized, secure.

S6C12 - AAA AAA Facts. AAA Defined Authentication, Authorization, and Accounting Central Management of AAA –Information in a single, centralized, secure.
© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—7-1 Minimizing Service Loss and Data Theft Securing Network Services.

© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—7-1 Minimizing Service Loss and Data Theft Securing Network Services.
Network Security1 – Chapter 3 – Device Security (B) Security of major devices: How to protect the device against attacks aimed at compromising the device.

Network Security1 – Chapter 3 – Device Security (B) Security of major devices: How to protect the device against attacks aimed at compromising the device.
Summer Classes Router - Initial Configuration By Roshan Chaudhary Lecturer Islington College.

Summer Classes Router - Initial Configuration By Roshan Chaudhary Lecturer Islington College.
Privilege Levels Cisco IOS provides for 16 different privilege levels ranging from 0 to 15. Cisco IOS comes with 2 predefined user levels. User mode.

Privilege Levels Cisco IOS provides for 16 different privilege levels ranging from 0 to 15. Cisco IOS comes with 2 predefined user levels. User mode.
Web Application Vulnerabilities Checklist. EC-Council Parameter Checklist  URL request  URL encoding  Query string  Header  Cookie  Form field 

Web Application Vulnerabilities Checklist. EC-Council Parameter Checklist  URL request  URL encoding  Query string  Header  Cookie  Form field 
Router Hardening Nancy Grover, CISSP ISC2/ISSA Security Conference November 2004.

Router Hardening Nancy Grover, CISSP ISC2/ISSA Security Conference November 2004.
CLI modes Accessing the configuration Basic configuration (hostname and DNS) Authentication and authorization (AAA) Log collection Time Synchronization.

CLI modes Accessing the configuration Basic configuration (hostname and DNS) Authentication and authorization (AAA) Log collection Time Synchronization.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved. CNIT 221 Security 1 ver.2 Module 5 City College.

1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved. CNIT 221 Security 1 ver.2 Module 5 City College.
CLI modes Accessing the configuration Basic configuration (hostname and DNS) Authentication and authorization (AAA) Log collection Time Synchronization.

CLI modes Accessing the configuration Basic configuration (hostname and DNS) Authentication and authorization (AAA) Log collection Time Synchronization.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 1 Basic Switch Concept Prepared by: Akhyari Nasir Resources form Internet.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 1 Basic Switch Concept Prepared by: Akhyari Nasir Resources form Internet.
Cisco Configuration Elements Network Monitoring and Management Tutorial.

Cisco Configuration Elements Network Monitoring and Management Tutorial.
User Access to Router Securing Access.

User Access to Router Securing Access.
Slide 1 SNMPv3, SSH & Cisco Matthew G. Marsh Chief Scientist of the NEbraskaCERT.

Slide 1 SNMPv3, SSH & Cisco Matthew G. Marsh Chief Scientist of the NEbraskaCERT.

Similar presentations

Ads by Google