Hardening Cisco Routers
Paperback Engels 2002 9780596001667Samenvatting
As a network administrator, auditor or architect, you know the importance of securing your network and finding security solutions you can implement quickly. This succinct book departs from other security literature by focusing exclusively on ways to secure Cisco routers, rather than the entire network. The rational is simple: If the router protecting a network is exposed to hackers, then so is the network behind it. Hardening Cisco Routers is a reference for protecting the protectors. Included are the following topics:The importance of router security and where routers fit into an overall security planDifferent router configurations for various versions of Ciscos IOSStandard ways to access a Cisco router and the security implications of eachPassword and privilege levels in Cisco routersAuthentication, Authorization, and Accounting (AAA) controlRouter warning banner use (as recommended by the FBI) Unnecessary protocols and services commonly run on Cisco routersSNMP securityAnti-spoofingProtocol security for RIP, OSPF, EIGRP, NTP, and BGPLogging violationsIncident responsePhysical securityWritten by Thomas Akin, an experienced Certified Information Systems Security Professional (CISSP) and Certified Cisco Academic Instructor (CCAI), the book is well organized, emphasizing practicality and a hands-on approach. At the end of each chapter, Akin includes a Checklist that summarizes the hardening techniques discussed in the chapter. The Checklists help you double-check the configurations you have been instructed to make, and serve as quick references for future security procedures.Concise and to the point, Hardening Cisco Routers supplies you with all the tools necessary to turn a potential vulnerability into a strength. In an area that is otherwise poorly documented, this is the one book that will help you make your Cisco routers rock solid.
Specificaties
Lezersrecensies
Inhoudsopgave
Organization;
Audience;
Conventions Used in This Book;
How to Contact Us;
Acknowledgments;
Chapter 1: Router Security;
1.1 Router Security?;
1.2 Routers: The Foundation of the Internet;
1.3 What Can Go Wrong;
1.4 What Routers Are at Risk?;
1.5 Moving Forward;
Chapter 2: IOS Version Security;
2.1 The Need for a Current IOS;
2.2 Determining the IOS Version;
2.3 IOS Versions and Vulnerabilities;
2.4 IOS Security Checklist;
Chapter 3: Basic Access Control;
3.1 Authentication Versus Authorization;
3.2 Points of Access;
3.3 Basic Access Control;
3.4 Remote Administration;
3.5 Protection with IPSec;
3.6 Basic Access Control Security Checklist;
Chapter 4: Passwords and Privilege Levels;
4.1 Password Encryption;
4.2 Clear-Text Passwords;
4.3 service password-encryption;
4.4 Enable Security;
4.5 Strong Passwords;
4.6 Keeping Configuration Files Secure;
4.7 Privilege Levels;
4.8 Password Checklist;
Chapter 5: AAA Access Control;
5.1 Enabling AAA;
5.2 Local Authentication;
5.3 TACACS+ Authentication;
5.4 RADIUS Authentication;
5.5 Kerberos Authentication;
5.6 Token-Based Access Control;
5.7 AAA Security Checklist;
Chapter 6: Warning Banners;
6.1 Legal Issues;
6.2 Example Banner;
6.3 Adding Login Banners;
6.4 Warning Banner Checklist;
Chapter 7: Unnecessary Protocols and Services;
7.1 ICMP;
7.2 Source Routing;
7.3 Small Services;
7.4 Finger;
7.5 HTTP;
7.6 CDP;
7.7 Proxy ARP;
7.8 Miscellaneous;
7.9 SNMP;
7.10 Unnecessary Protocols and Services Checklist;
Chapter 8: SNMP Security;
8.1 SNMP Versions;
8.2 Securing SNMP v1 and v2c;
8.3 Securing SNMP v3;
8.4 SNMP Management Servers;
8.5 SNMP Security Checklist;
Chapter 9: Secure Routing and Antispoofing;
9.1 Antispoofing;
9.2 Routing Protocol Security;
9.3 Routing Protocol and Antispoofing Checklist;
Chapter 10: NTP;
10.1 NTP Overview;
10.2 Configuring NTP;
10.3 NTP Checklist;
Chapter 11: Logging;
11.1 Logging in General;
11.2 Router Logging;
11.3 ACL Violation Logging;
11.4 AAA Accounting;
11.5 Logging Checklist;
Appendix A: Checklist Quick Reference;
A.1 Hardening Your Routers;
A.2 Auditing Your Routers;
A.3 Cisco Router Security Checklist;
Appendix B: Physical Security;
B.1 Protection Against People;
B.2 Protection Against Murphy and Mother Nature;
B.3 Physical Security Checklist;
Appendix C: Incident Response;
C.1 Warning!;
C.2 Keys to Investigating;
C.3 Attack Versus Accident;
C.4 Discover What Happened and the Scope of the Incident;
C.5 Evidence Preservation;
C.6 Recovering from the Incident;
C.7 Preventing Future Incidents;
C.8 Incident Response Checklist;
Appendix D: Configuration Examples;
D.1 Basic Example Configuration;
D.2 AAA Example Configuration;
D.3 SNMP Example Configuration;
D.4 HTTP Configuration;
Appendix E: Resources;
E.1 Web Sites;
E.2 Books;
Colophon;
Rubrieken
- advisering
- algemeen management
- coaching en trainen
- communicatie en media
- economie
- financieel management
- inkoop en logistiek
- internet en social media
- it-management / ict
- juridisch
- leiderschap
- marketing
- mens en maatschappij
- non-profit
- ondernemen
- organisatiekunde
- personal finance
- personeelsmanagement
- persoonlijke effectiviteit
- projectmanagement
- psychologie
- reclame en verkoop
- strategisch management
- verandermanagement
- werk en loopbaan