CompTIA LX103
Cisco ICND1
Cisco ICND2
- Topics
- To
- Be
- Added
Various
Labs
CompTIA LX103
Cisco ICND1
Cisco ICND2
Various
Labs
This is an old revision of the document!
===== Login Security ===== Quick notes on basic login security for console / VTY / Privileged Moe. ==== Console Login ==== * Protect console access for all device consoles with a password of certskills:
R1#conf t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#line console 0 R1(config-line)#password certskills <-- sets password for line console 0. R1(config-line)#login <-- Enables login prompt.
Although these commands will password line console 0 – the password certskills is stored in the running config in plain-english
. R1(config)#service password-encryption
will obfuscate the password so that it is no longer clear-text. ==== Secure Privilege Mode ==== * Protect privileged mode for all devices using password ccnaskills while storing the password as an MD5 hash.
R1#conf t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#enable secret ccnaskills R1(config)#do sh run | i secret enable secret 5 $1$vjig$siLDrz4NPN2cOc8j8tAso0
==== Telnet Security ==== * Protect Telnet access by requiring username/password login. To that end, create a username person with a password of access using the most secure option to configure the user.
R1#conf t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#username person secret access R1(config)#line vty 0 15 R1(config-line)#login local