求职
您所在位置:365体育投注 >> 求职就业电脑培训学习网络知识网络基础知识Cisco路由器auto secure命令小结

Cisco路由器auto secure命令小结

07-22 16:55:16| http://www.zjmxgs.com |网络基础知识|人气:129我要推荐此文给好友

Cisco路由器auto secure命令小结,本站还有更多网络基础知识,网络基础,计算机网络基础知识,计算机网络知识学习方面的资料。
正文:

    路由器命令auto secure用起来比较方便,而且可以关闭一些不安全的服务和启用一些安全的服务。这里对这个命令做了一个总结。(注:ios版本为:12.3(1)以上才支持使用)

    总结如下:

    1、关闭一些全局的不安全服务如下:

    Finger

    PAD

    Small Servers

    Bootp

    HTTP service

    Identification Service

    CDP

    NTP

    Source Routing

    2、开启一些全局的安全服务如下:

    PassWord-encryption service

    Tuning of scheduler interval/allocation

    TCP synwait-time

    TCP-keepalives-in and tcp-kepalives-out

    SPD configuration

    No ip unreachables for null 0

    3、关闭接口的一些不安全服务如下:

    ICMP

    Proxy-Arp

    Directed Broadcast

    Disables MOP service

    Disables icmp unreachables

    Disables icmp mask reply messages.

    4、提供日志安全如下:

    Enables sequence numbers & timestamp

    Provides a console log

    Sets log buffered size

    Provides an interactive dialogue to configure the logging server ip address.

    5、保护访问路由器如下:

    Checks for a banner and provides facility to add text to automatically configure:

    Login and password

    Transport input & output

    Exec-timeout

    Local AAA

    SSH timeout and ssh authentication-retries to minimum number

    Enable only SSH and SCP for Access and file transfer to/from the router

    6、保护转发Forwarding Plane

    Enables Cisco EXPress Forwarding (CEF) or distributed CEF on the router, when available


    Anti-spoofing

    Blocks all IANA reserved IP address blocks

    Blocks private address blocks if customer desires

    Installs a default route to NULL 0, if a default route is not being used

    Configures TCP intercept for connection-timeout, if TCP intercept feature is available and the user is interested

    Starts interactive configuration for CBAC on interfaces facing the Internet, when using a Cisco IOS Firewall image,

    Enables NetFlow on software forwarding platforms


如果觉得《Cisco路由器auto secure命令小结》不错,可以推荐给好友哦。


文章关键字:电脑培训学习 - 网络知识 - 网络基础知识,网络基础,计算机网络基础知识,计算机网络知识学习   

与Cisco路由器auto secure命令小结 相关的文章