Difference between revisions of "Netband Project - Device hardening"
From Teknologisk videncenter
(→External links) |
(→Cisco IOS Software Resilient Configuration) |
||
| Line 19: | Line 19: | ||
secure boot-config | secure boot-config | ||
</pre> | </pre> | ||
| + | <pre>B1rt1#sh secure bootset | ||
| + | IOS resilience router id FCZ111910E5 | ||
| + | |||
| + | IOS image resilience version 12.4 activated at 11:05:51 UTC Thu Apr 16 2009 | ||
| + | Secure archive flash:c2801-advipservicesk9-mz.124-9.T.bin type is image (elf) [] | ||
| + | file size is 30588892 bytes, run size is 30754576 bytes | ||
| + | Runnable image, entry point 0x8000F000, run from ram | ||
| + | |||
| + | IOS configuration resilience version 12.4 activated at 11:06:11 UTC Thu Apr 16 2009 | ||
| + | Secure archive flash:.runcfg-20090416-110611.ar type is config | ||
| + | configuration archive size 4555 bytes | ||
| + | </pre> | ||
| + | |||
==External links== | ==External links== | ||
[http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080120f48.shtml Cisco Guide to Harden Cisco IOS Devices] | [http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080120f48.shtml Cisco Guide to Harden Cisco IOS Devices] | ||
Revision as of 12:06, 16 April 2009
<accesscontrol>NetBand</accesscontrol>
This page is part of the Netband Project
- Management Plane—The management plane manages traffic that is sent to the Cisco IOS device and is made up of applications and protocols such as SSH and SNMP.
- Control Plane—The control plane of a network device processes the traffic that is paramount to maintaining the functionality of the network infrastructure. The control plane consists of applications and protocols between network devices.
- Data Plane—The data plane forwards data through a network device. The data plane does not include traffic that is sent to the local Cisco IOS device.
Exclusive Configuration Change Access
- ensures that only one administrator makes configuration changes to a Cisco IOS device at a given time.
B1rt1(config)#configuration mode exclusive auto ! B1rt1(config)#interface fa0/0 Configuration mode locked exclusively by user 'admin' process '56' from terminal '195'. Please try later.
Cisco IOS Software Resilient Configuration
- stores a copy of the Cisco IOS software image and device configuration that is currently being used by a Cisco IOS device.
secure boot-image secure boot-config
B1rt1#sh secure bootset IOS resilience router id FCZ111910E5 IOS image resilience version 12.4 activated at 11:05:51 UTC Thu Apr 16 2009 Secure archive flash:c2801-advipservicesk9-mz.124-9.T.bin type is image (elf) [] file size is 30588892 bytes, run size is 30754576 bytes Runnable image, entry point 0x8000F000, run from ram IOS configuration resilience version 12.4 activated at 11:06:11 UTC Thu Apr 16 2009 Secure archive flash:.runcfg-20090416-110611.ar type is config configuration archive size 4555 bytes