Franklin

Hardening Cisco routers / Thomas Akin.

Author/Creator:
Akin, Thomas.
Publication:
Beijing ; Sebastopol, California : O'Reilly, 2002.
Format/Description:
Book
1 online resource (192 p.)
Edition:
1st edition
Status/Location:
Loading...

Options
Location Notes Your Loan Policy

Details

Subjects:
Computer networks -- Security measures.
Routers (Computer networks).
Form/Genre:
Electronic books.
Language:
English
System Details:
text file
Summary:
As a network administrator, auditor or architect, you know the importance of securing your network and finding security solutions you can implement quickly. This succinct book departs from other security literature by focusing exclusively on ways to secure Cisco routers, rather than the entire network. The rational is simple: If the router protecting a network is exposed to hackers, then so is the network behind it. Hardening Cisco Routers is a reference for protecting the protectors. Included are the following topics: The importance of router securit
Contents:
Hardening Cisco Routers; Audience; Conventions Used in This Book; How to Contact Us; Acknowledgments; 1. Router Security; 1.2. Routers: The Foundation of the Internet; 1.3. What Can Go Wrong; 1.4. What Routers Are at Risk?; 1.5. Moving Forward; 2. IOS Version Security; 2.2. Determining the IOS Version; 2.3. IOS Versions and Vulnerabilities; 2.3.2. IOS Naming Scheme; 2.3.3. Vulnerabilities; 2.4. IOS Security Checklist; 3. Basic Access Control; 3.2. Points of Access; 3.3. Basic Access Control; 3.3.1.2. AUX and VTY passwords; 3.3.1.3. Privileged-level access control
3.3.1.4. Local username access control3.3.1.5. TACACS access control; 3.3.1.6. Disabling console, auxiliary, and VTY logins; 3.3.2. TFTP Access; 3.4. Remote Administration; 3.4.2. Dial-up Access; 3.4.3. VTY Access; 3.4.3.2. SSH; 3.4.3.3. Limiting VTY access by IP; 3.4.3.4. Additional VTY settings; 3.4.4. HTTP/Web Access; 3.4.4.2. HTTP authentication; 3.5. Protection with IPSec; 3.5.2. Creating the IPSec Extended ACL; 3.5.3. Creating IPSec Transforms; 3.5.4. Creating the Crypto Map; 3.5.5. Applying the Crypto Map to an Interface; 3.6. Basic Access Control Security Checklist
4. Passwords and Privilege Levels4.2. Clear-Text Passwords; 4.3. service password-encryption; 4.4. Enable Security; 4.5. Strong Passwords; 4.6. Keeping Configuration Files Secure; 4.7. Privilege Levels; 4.7.2. Default Privilege Levels; 4.7.3. Privilege-Level Passwords; 4.7.4. Line Privilege Levels; 4.7.5. Username Privilege Levels; 4.7.6. Changing Command Privilege Levels; 4.7.7. Privilege Mode Example; 4.7.8. Recommended Privilege-Level Changes; 4.8. Password Checklist; 5. AAA Access Control; 5.2. Local Authentication; 5.3. TACACS+ Authentication; 5.3.2. HTTP Authentication with TACACS+
5.3.3. TACACS+ Authorization5.3.3.2. Command authorization; 5.4. RADIUS Authentication; 5.4.2. HTTP Authentication with RADIUS; 5.4.3. RADIUS Authorization; 5.5. Kerberos Authentication; 5.6. Token-Based Access Control; 5.7. AAA Security Checklist; 6. Warning Banners; 6.2. Example Banner; 6.3. Adding Login Banners; 6.3.2. Login Banner; 6.3.3. AAA Authentication Banner; 6.3.4. EXEC Banner; 6.4. Warning Banner Checklist; 7. Unnecessary Protocols and Services; 7.1.2. ICMP Redirects; 7.1.2.2. ICMP redirects-receiving; 7.1.3. ICMP-Directed Broadcasts; 7.1.4. ICMP Mask Reply
7.1.5. ICMP Unreachables7.1.6. ICMP Timestamp and Information Requests; 7.2. Source Routing; 7.3. Small Services; 7.4. Finger; 7.5. HTTP; 7.6. CDP; 7.7. Proxy ARP; 7.8. Miscellaneous; 7.9. SNMP; 7.10. Unnecessary Protocols and Services Checklist; 8. SNMP Security; 8.1.2. SNMP Version 2c; 8.1.3. SNMP Version 3; 8.2. Securing SNMP v1 and v2c; 8.2.1.2. Read-only access; 8.2.1.3. Read/write access; 8.2.2. Disabling SNMP v1 and v2c; 8.2.2.2. Disabling read/write access; 8.2.3. Limiting SNMP v1 and v2c Access by IP; 8.2.3.2. Read/write access; 8.2.4. SNMP Read/Write and TFTP
8.2.5. Limiting SNMP v1 and v2c Access with Views
Notes:
Description based upon print version of record.
Description based on print version record.
ISBN:
1-306-81725-0
0-596-51635-5
0-596-55190-8
OCLC:
609841013