Two versions of SSH are available: SSH version 1 (SSHv1) and SSH version 2
(SSHv2). Cisco IOS Software implements SSHv1. It encrypts all traf?¬?c, including
passwords, between a remote console and a network router across a Telnet session.
Because SSH sends no traf?¬?c in plaintext, network administrators can conduct remote
access sessions that casual observers will not be able to view. The SSH server in the
Cisco IOS Software works with publicly and commercially available SSH clients.
?– Disable the integrated HTTP daemon if not in use: Although Cisco IOS Software
provides an integrated HTTP server for management, it is highly recommended that
you disable it to minimize overall exposure. If HTTP access to the switch is required,
use basic ACLs to permit access only from trusted subnets.
?– Con?¬?gure system-warning banners: For both legal and administrative purposes,
con?¬?guring a system-warning banner to display before login is a convenient and
effective way to reinforce security and general usage policies. By clearly stating the
ownership, usage, access, and protection policies before a login, you provide better
support for potential prosecution.
Pages:
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125