>

Most Viewed Networking Devices:

  1. Small business firewalls
  2. Computer networking hardware
  3. High speed gigabit PCI adapter
  4. USB 3.0 PCI Card for Super Speed Data Transfer Rate
  5. Small Business Computer Network with Apple Mac Mini Server
  6. NSA 240 Sonicwall Small Business Network Security
  7. Cisco WRVS4400N Wireless Security Router
  8. Cisco RV 120W Wireless-N VPN Firewall and VLAN Router
  9. Cisco RV016 Multi WAN Router For Small Business
  10. Cisco RV220W Small Business Router
  11. Cisco RV082 Dual WAN VPN Router
  12. Edimax EnduraLINK ER-1088 Multi WAN Routers
  13. TL-R4299G Dual WAN Router for Internet Café
  14. New WNDR4500 N900 Vs Tew-692GR N900 Routers
  15. Netgear WNDR4000 and WNDR3800 Dual Band Routers
  16. Linksys E2500 Advanced Dual Band Router Vs E2000
  17. Linksys E-4200 Dual Band Gigabit Router

Most viewed Security Management:

  1. Information security management
  2. Firewalls Security Guidelines
  3. Business Continuity and Disaster Recovery Planning
  4. An Example of LAN Network Risk Assessment
  5. Information security policy guidelines
  6. Network Security Best Practices
  7. IT Security Risk Assessment

Most Viewed Networking Concepts:

  1. Local area network topology
  2. LAN Cable - standard deployment
  3. Easy way to calculate subnet mask
  4. VLAN tutorial
  5. WAN technologies
  6. Route summarization
  7. Understanding firewall with DMZ

 
«  
  »

Router Password


One of the areas to manage in managing the information security is protecting physical and environmental security where information processing facilities are located such as the networking routers. When the intruders can physically access the routers, the next step is getting the router password. Protecting physical and environmental security is one of the elements to manage in the information security management.

This article will discuss about the Cisco router password and setting router banners.

Cisco router password

There are two types of Cisco router password you can setup, “enable” and “enable secret” password. You need to securely protect these passwords from the intruders.

  • The passwords control access to privileged EXEC mode
  • The enable password is stored in clear text (not encrypted), you can view the password when you type the show run command
  • The enable secret password is encrypted, when you type the “show run” command, the password is not in clear text, it is encrypted.
  • The router uses the enable secret password if it exist
  • The enable and enable secret password should be different

Setting the router passwords

To set the enable password, use Router (config)# enable password <router_password>
To set the enable secret password, use: Router (config)# enable secret <your_router_password>

Setting line passwords

You can set the passwords that control access to the router through a console and a virtual terminal connection. You must set the VTY password before you can use a virtual terminal to connect to the router.

To switch to the line configuration mode for the console Router (config)# line con
To switch to the line configuration mode for the virtual terminal Router (config)# line vty
To set the password Router (config-line)# password
To enable word checking and require the password Router (config-line)# login

Examples

The following commands set the password “cracker” for the console and enable the password

Router (config)# line con 0

Router (config-line)# password cracker

Router (config-line)# login
The following commands set the password “cracker” for all the VTY lines on the router and enables the password

Router (config)# line vty 0 4

Router (config-line)# password cracker

Router (config-line)# login

Setting router banners

If you would like to display the banner when anyone logon into the router, router allows that with banner command. The following four types of the banners display at various times during the login or startup sequence

  • MOTD (message of the day) – displays immediately after a connection is made
  • Login – displays after the MOTD banner and before the login prompt
  • EXEC – displays after a successful login
  • Incoming-displays for a reverse telnet session
To set the Message-of-the-day banner Router (config)# banner motd
To set the login banner Router (config)# banner login
To set the EXEC banner Router (config)# banner exec

Follow the banner command with a delimiter character. The delimiter encloses the banner text, and helps the router identify the beginning and ending the banner.

Examples:

The following commands set the MOTD, login, and EXEC banners, using # as the delimiting character and inserting a hard return between each banner.

Router (config)# banner motd # This is the Message-of-the-day banners!#

Router (config)# banner login # <cr>

This is the login banner! #

Router (config)# banner exec # <cr>

This is the Exec banner!#

Everything you type is considered part of the banner, until you use the delimiting character again. This includes other characters, hard return, spaces, and so on. Therefore, as you set a banner, you must specify a delimiter character, a start and stop symbol that does not appear in the body of the banner. The delimiting character tells the router when the banner text stops. The banner appears on the screen exactly as you type it.

To remove or delete an item from the router configuration, precede the configuration command with the no keyword. For example, banner motd #This is the banner# sets the MOTD banner, and no banner motd removes it.

Router password should be made as strong as possible, the article about securing the password will help you create and maintain strong router password as guidance. Check out other article about corporate security software here.


See also:

Share
September 18th, 2009 | Tags: , , | Category: Network Security

Leave a Reply

 

 

 

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>