Physical
security is more critical than network security but is often overlooked by network administrators. Despite all the high-level
safeguard measures, a compromise in physical access will almost always result in a complete compromise. Having a secured
physical facility that is accessible only to authorized personnel is extremely important.
Passwords
Identification is mainly based on a combination of the username and the password. A password is a protected string of characters
that is used to authenticate a user. There are three types of password protection schemes in Cisco IOS.
Clear-text passwords: These are the most insecure because they have no encryption. Passwords are viewable in the
device configuration in clear text.
Type 7 passwords: These use the Cisco proprietary encryption algorithm and are known to be weak. Several password
utilities are available to decipher Type 7 encrypted passwords. Type 7 encryption is used by the enable password ,
username , and line password commands.
Type 5 passwords: These use MD5 hashing algorithm (one-way hash) and are therefore much stronger because they considered irreversible. The only way to crack the Type 5 password is by using brute force or dictionary attacks.
Pages:
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116