PRTG Traffic Grapher: Bandwidth and Network
Usage Monitoring Made Easy.
FREE Download of PRTG Traffic Grapher

eBusiness Help
Rackspace managed Hosting: Fanatical Support™ and Guaranteed 100% network uptime.
1 hour hardware fix and many more business critical support features.
Sweet deals for iEntry members! Out with the old, in with the new...
if you have equipment that qualifies for trade-in, get a discount of up to $720* off the Web price on featured IBM ® ThinkPad ® notebooks.


WebProWorld Networking Forum

I am looking for the best multi-file upload script...
I want to build a site much like PutFile.com. I would like for everybody to a member to access this and the memberships are going to be free.

UML and PHP
Hello firends UML is used to show relationship between classes in C#. What about php? When we are building a database application by php,Is there any special UML software for that?

Questions for Javascript, CGI expert
Hello. I have a potential client that wants a site with a calculation function for printing jobs. Here is a sample site with the type of calculator and scripts he'll need.


Recent Articles

Cisco Updates Storage Virtualization Solutions
Cisco Systems unveiled significant updates to its network-based storage virtualization solutions.

Surviving The Cisco Cable Jungle
One of the most confusing parts of beginning your Cisco studies is keeping all the cable types separate in your mind, and then remembering what they're used for.

NETGEAR Releases RangeMax Family
NETGEAR announced the availability of its RangeMax family of wireless networking products. Based on Video54's patent-pending BeamFlex technology

03.17.05

Configuring Basic Cisco Router Security

By Chris Bryant

Network security is a hot topic today, and will only increase in importance in the months and years ahead.

While most of the attention is paid to exterior threats, there are some steps you can take to prevent unwanted Cisco router access from within your organization.

Whether you want to limit what certain users can do and run on your routers, or prevent unauthorized users in your company from getting to config mode in the first place, here are four important yet simple steps you can take to do so.

Encrypt the passwords in your running configuration.

This is a basic Cisco router security command that is often overlooked. It doesn't do you any good to set passwords for your ISDN connection or Telnet connections if anyone who can see your router's running configuration can see the passwords. By default, these passwords are displayed in your running config in clear text.

One simple command takes care of that. In global configuration mode, run service password-encryption. This command will encrypt all clear text passwords in your running configuration.


Set a console password.

If I walked into your network room right now, could I sit down and start configuring your Cisco routers?

If so, you need to set a console password. This password is a basic yet important step in limiting router access in your network. Go into line configuration mode with the command "line con 0", and set a password with the password command.

Limit user capabilities with privilege level commands.

Not everyone who has access to your routers should be able to do anything they want. With careful use of privilege levels, you can limit the commands given users can run on your routers.

Privilege levels can be a little clumsy at first, but with practice you'll be tying your routers down as tight as you like. Visit www.cisco.com/univercd for documentation on configuring privilege levels.

Use NetSupports Scan function to monitor exactly what is happening on your networked workstations and servers and to see what you users'are doing. Try it Free

Configure an "enable secret" password.

It's not uncommon for me to see a router that has an enable mode password set, but it's in clear text.

By using "enable secret", the enable mode password will automatically be encrypted. Remember, if you have an enable password and enable secret password set on the same router, the enable secret password takes precedence.

These four basic steps will help prevent unwanted router access from inside your network. If only preventing problems from outside your network was as simple!


About the Author:
Chris Bryant, CCIE™ #12933, has been active in the Cisco certification community for years. He worked his way up from the CCNA to the CCIE, and knows what CCNA and CCNP candidates need to know to be effective on the job and in the exam room.

He is the owner of http://www.thebryantadvantage.com, where he teaches CCNA and CCNP courses to small groups of exam candidates, ensuring they each receive the individual attention they deserve. Classes are offered over the Internet and in select cities. chris@thebryantadvantage.com.

About NetworkNewz
NetworkNewz editors, writers and contributors focus on both the big picture and the details of networking. At NetworkNewz our goal is to deliver to you The Key To Network Management.

NetworkNewz is brought to you by:

SecurityConfig.comNetworkingFiles.com
ITmanagementNews.comWebProASP.com
DatabaseProNews.comSQLProNews.com
ITcertificationNews.comSysAdminNews.com
LinuxProNews.comWirelessProNews.com
CProgrammingTrends.comITmanagementNews.com


-- NetworkNewz is an iEntry, Inc. publication --
iEntry, Inc. 880 Corporate Drive, Lexington, KY 40503
2005 iEntry, Inc.  All Rights Reserved  Privacy Policy  Legal

archives | advertising info | news headlines | free newsletters | comments/feedback | submit article

The Keys To Network Management Ask Questions in the Networking Forum NetworkNewz News Archives About Us Feedback NetworkNewz Home Page About Article Archive News Downloads WebProWorld Forums Jayde iEntry Advertise Contact