Harding Cisco Router
Securing routers
Routers are the basic level of the Internet. It is responsible for the communication through the network, between computers and servers. It is important to secure the routers so the attackers can’t gain information from the routers. There are many ways of securing the routers such as upgrade the operating system, warning banners and disable unneeded services. Hardening cisco routers
Upgrade IOS
One of the important parts of securing routers is to choose the right router operating system. Users can check for the latest version of IOS in the cisco website. Also, it is necessary to check for IOS update because the company fixes flaws in the IOS version.
Password Encryption
Cisco routers have password configuration file. There are three methods of indicating password, which are clear text, Vigenere encryption, and MD5 hash algorithm. These passwords methods help to secure commands which router send it through the network. Vigenere and MD5 are better in encrypted commands than clear text. In addition, cisco routers use strong MD5 encryption. Then it will be hard for the attackers to gather information. When using clear text it is easy to gather the commands by the attacker because it shows the commands. This is example of clear text. enable secret 5 $1$Guks$Ct2/uAcSKHkcxNKyavE1i1 enable password enable-password
!
username jdoe password 0 jdoe-password username rsmith password 0 rsmith-password
!
line con 0 exec-timeout 5 0 password console-password login local transport input none line aux 0 exec-timeout 5 0 password aux-password login tacacs transport input none line vty 0 4 exec-timeout 5 0 password vty-password login transport input ssh
Disable unneeded services
There is lots of cisco services are enabled by default on cisco routers. It is important to disable these services because the attackers use them for their need. According to Device Resiliency and Survivability “These are the services that
Routers are the basic level of the Internet. It is responsible for the communication through the network, between computers and servers. It is important to secure the routers so the attackers can’t gain information from the routers. There are many ways of securing the routers such as upgrade the operating system, warning banners and disable unneeded services. Hardening cisco routers
Upgrade IOS
One of the important parts of securing routers is to choose the right router operating system. Users can check for the latest version of IOS in the cisco website. Also, it is necessary to check for IOS update because the company fixes flaws in the IOS version.
Password Encryption
Cisco routers have password configuration file. There are three methods of indicating password, which are clear text, Vigenere encryption, and MD5 hash algorithm. These passwords methods help to secure commands which router send it through the network. Vigenere and MD5 are better in encrypted commands than clear text. In addition, cisco routers use strong MD5 encryption. Then it will be hard for the attackers to gather information. When using clear text it is easy to gather the commands by the attacker because it shows the commands. This is example of clear text. enable secret 5 $1$Guks$Ct2/uAcSKHkcxNKyavE1i1 enable password enable-password
!
username jdoe password 0 jdoe-password username rsmith password 0 rsmith-password
!
line con 0 exec-timeout 5 0 password console-password login local transport input none line aux 0 exec-timeout 5 0 password aux-password login tacacs transport input none line vty 0 4 exec-timeout 5 0 password vty-password login transport input ssh
Disable unneeded services
There is lots of cisco services are enabled by default on cisco routers. It is important to disable these services because the attackers use them for their need. According to Device Resiliency and Survivability “These are the services that