[...]... protecting the network itself by hardening or securing the routers Specifically, it addresses preventing attackers from: • Using routers to gain information about your network for use in an attack (information leakage) • Disabling your routers (and therefore your network) • Reconfiguring your routers • Using your routers to launch further internal attacks • Using your routers to launch further external... mind, some of the first routers that need to be secured and actively monitored are: • Gateway routers that connect your network to the Internet • Routers that are part of a firewall • Routers that are connected to a trusted or secure network • Routers that perform packet filtering Moving Forward This chapter has explained what router security is and why it is vitally important Routers provide one of... can even support non-IP protocols, such as MOP or X.29 Cisco routers come with five VTY ports numbered 0 through 4, configured by default HTTP Recent Cisco IOS revisions have added the ability to access and even reconfigure routers though the Web When enabled, routers run a small web server that authenticates the user and provides access TFTP Routers use the Trivial File Transfer Protocol (TFTP) to... the Internet Every network attached to the Internet is attached by a router Some may be Linux boxes acting as routers, others may be firewalls also performing routing, but most will be dedicated Cisco routers Current estimates indicate that 80 percent of the Internet runs on Cisco equipment Routers are not only the foundation of the Internet; they are the foundation of how your company communicates... take to fix the network if attackers disabled password recovery, changed the routers passwords, and deleted the configurations Use the routers to attack internal systems Routers can give attackers a foothold into your internal network By taking control of routers, attackers can often bypass intrusion detection systems, use the routers to gain access to trusted networks, and avoid or confuse any logging... evaluating routers, the vulnerability usually averages around the same level Even though different routers may run different IOS versions, routers inherently trust other routers They trust one another in order to exchange routing information, allowing them to correctly transfer packets and route around problems Once a single router is compromised, this trust can be exploited to manipulate other routers. .. separated into parts; not yielding to pressure By hardening a router, we make it difficult to penetrate and unyielding under the pressure of attacks This chapter discusses why hardening network routers is one of the most important and overlooked aspects of Information Security It will talk about what can go wrong when routers are left insecure and identify which routers are at the most risk from attack Router... discusses the importance of having the time on all your routers and logging servers synchronized and provides examples of how to configure a Cisco router to use NTP time services Chapter 11, Logging, discusses how Cisco routers perform logging and why logging is important The chapter then demonstrates why and how to manipulate logging buffers, how to configure routers to use syslog, and when to do ACL violation... Quick Reference, allows you to secure your Cisco routers and verify that important security issues have been addressed The checklist is presented in a manner that makes it easy to quickly refer back to the chapter addressing the items outlined in the checklist reference Finally, this appendix briefly talks about using the checklist to harden and audit Cisco routers Appendix B, Physical Security, talks... security and accountability on your routers Chapter 5, AAA Access Control, discusses how to use the advanced AAA authentication and authorization configuration for Cisco routers It also shows how to use a network access server running RADIUS or TACACS+ to control these services on the router Chapter 6, Warning Banners, discusses the importance of having warning banners on routers This chapter not only talks . Hardening Cisco Routers ,TITLE.25382 Page i Friday, February 15, 2002 2:57 PM ,TITLE.25382 Page ii Friday, February 15, 2002 2:57 PM Hardening Cisco Routers Thomas. banner to use on Cisco routers. Chapter 7, Unnecessary Protocols and Services, discusses the unnecessary services that are commonly run on Cisco routers. Many