Therefore, apply standard practices
in selecting a feasible password.
?– Try to pick passwords that contain both letters and numbers in addition to special
characters: For example, choose ???$pecia1$??? instead of ???specials,??? in which the ???s???
has been replaced with ???$,??? and the ???l??? has been replaced with ???1??? (one).
?– Secure access to the console: Console access requires a minimum level of security
both physically and logically. An individual who gains console access to a system is
able to recover or reset the system-enable password, thus allowing that person to
bypass all other security implemented on that system. Consequently, it is imperative to
secure physical access to the console.
?– Secure access to vty lines: These are the minimum recommended steps for securing
Telnet access:
??” Apply a basic ACL for in-band access to all vty lines.
Securing the Expanded Network 69
??” Con?¬?gure a line password for all con?¬?gured vty lines.
??” If the installed Cisco IOS Software permits, use the Secure Shell (SSH)
protocol instead of Telnet to access the device remotely.
?– Use SSH: The SSH protocol and application provide a secure remote connection to a
router.
Pages:
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124