Difference between revisions of "Security Cisco IOS"
From Teknologisk videncenter
m |
m |
||
Line 1: | Line 1: | ||
+ | =Login process= | ||
+ | *Implement delays between sussessive login attempts | ||
+ | *Enable login shutdown if DoS attacks suspected | ||
+ | *Generate system-logging | ||
+ | <source lang=cli> | ||
+ | login block-for 15 attempts 5 within 60 | ||
+ | ! | ||
+ | ip access-list standard PERMIT-ADMIN | ||
+ | remark Permit only Administrative hosts | ||
+ | permit 192.168.10.10 | ||
+ | permit 192.168.11.10 | ||
+ | ! | ||
+ | login quiet-mode access-class PERMIT-ADMIN | ||
+ | login delay 10 | ||
+ | login on-success log | ||
+ | login on-failure log | ||
+ | </source> | ||
=Password= | =Password= | ||
*[http://www.ifm.net.nz/cookbooks/passwordcracker.html password 7 cracker] | *[http://www.ifm.net.nz/cookbooks/passwordcracker.html password 7 cracker] | ||
[[Categoty:Security]] | [[Categoty:Security]] |
Revision as of 12:38, 14 November 2017
Login process
- Implement delays between sussessive login attempts
- Enable login shutdown if DoS attacks suspected
- Generate system-logging
login block-for 15 attempts 5 within 60
!
ip access-list standard PERMIT-ADMIN
remark Permit only Administrative hosts
permit 192.168.10.10
permit 192.168.11.10
!
login quiet-mode access-class PERMIT-ADMIN
login delay 10
login on-success log
login on-failure log