Difference between revisions of "Security Cisco IOS"
From Teknologisk videncenter
m |
m |
||
| Line 1: | Line 1: | ||
| + | =Login process= | ||
| + | *Implement delays between sussessive login attempts | ||
| + | *Enable login shutdown if DoS attacks suspected | ||
| + | *Generate system-logging | ||
| + | <source lang=cli> | ||
| + | login block-for 15 attempts 5 within 60 | ||
| + | ! | ||
| + | ip access-list standard PERMIT-ADMIN | ||
| + | remark Permit only Administrative hosts | ||
| + | permit 192.168.10.10 | ||
| + | permit 192.168.11.10 | ||
| + | ! | ||
| + | login quiet-mode access-class PERMIT-ADMIN | ||
| + | login delay 10 | ||
| + | login on-success log | ||
| + | login on-failure log | ||
| + | </source> | ||
=Password= | =Password= | ||
*[http://www.ifm.net.nz/cookbooks/passwordcracker.html password 7 cracker] | *[http://www.ifm.net.nz/cookbooks/passwordcracker.html password 7 cracker] | ||
[[Categoty:Security]] | [[Categoty:Security]] | ||
Revision as of 12:38, 14 November 2017
Login process
- Implement delays between sussessive login attempts
- Enable login shutdown if DoS attacks suspected
- Generate system-logging
login block-for 15 attempts 5 within 60
!
ip access-list standard PERMIT-ADMIN
remark Permit only Administrative hosts
permit 192.168.10.10
permit 192.168.11.10
!
login quiet-mode access-class PERMIT-ADMIN
login delay 10
login on-success log
login on-failure log