Here is a great example of a secure router config
http://www.cymru.com/Documents/secure-ios-template.html
As is see it TACACS is the only way to go for router logins, I don't
know why they would object to it.
I don't see why they would object to ssh, as far as I know ssh does
not
I personally don't like the idea of having to pull out the NVRAM.
I would just configure a user mode password for the console and AUX ports.
Any way here are some awesome links on how to secure cisco IOS routers and a
good secure BGP config to boot as well. I would be VERY careful
the command would be
[no] service password-recovery
-Original Message-
From: Dave Cooper [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 03, 2002 1:47 PM
To: [EMAIL PROTECTED]
Subject:Re: Cisco Password Recovery
I have actually made metal plates and screwed them over
Use ip accounting
-- Jeff d'Ambly
Network Engineer
http://www.monster.com
Stay the patient course.
Of little worth is your ire.
The network is up.
-Original Message-
From: Jerry Roy [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 22, 2002 8:00 P
f matches it just makes sense to log to a database.
Thanks for all your help and hints.
d'Ambly, Jeff wrote:
>My boss asked me the other day if we could log AOL instant messenger
>conversations, I know of course this can be done with any sniffer but I was
>wondering if there was a
That is really strange, I have used ethereal for a long time now, I would
agree that your winpcap install is messed up, there is nothing special you
need to do to get tcp packets, oh and check your filters too, good luck.
-- Jeff d'Ambly
Network Engineer
http://www.monster.com
--
My boss asked me the other day if we could log AOL instant messenger
conversations, I know of course this can be done with any sniffer but I was
wondering if there was a quick and easy way to do this. I was thinking
perhaps I could use snort, but how could I reassemble the conversations? I
would n
I was wondering if anyone had used snort to detect some one spidering you
website. I know that snort must be able to do this but I am not sure how.
Has anyone used snort in that manner?
-- Jeff d'Ambly
Network Engineer
http://www.monster.com
Stay the patient c
Ipsec ip 50
Pptp 1723 tcp/udp
-Original Message-
From: Al Miller [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, November 14, 2001 12:32 PM
To: [EMAIL PROTECTED]
Subject:Cisco VPN client
Hey All,
I had a question regarding what ports on my firewall should be opened to
mak
Zircom will
-Original Message-
From: David H Hickman [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, October 17, 2001 10:03 AM
To: [EMAIL PROTECTED]
Subject:Promiscuous pcmcia network card
Hello. I need to run nmap, nessus and ethereal on a laptop. So far I
am 0/3 on car
With the advent of turbo access-loist the performance is not degraded on a
router, whne compared with a pix. The main reason to use the PIX is the
logs. The pix gernertes much better logs than the routers. It is easier to
track what is going on. Plus the PIX has some IDS code in it and dose match
I had tested it and here is what I thought;
The Web interface was a bit lame ( not very pretty or clean, we like
to impress people, management likes "graphs" ). The actual engine was good
box ran fast. They have an agent runs on all you hosts, this basically makes
a software firewall on a
Go into your router and look at the arp table, find out the MAC address of
the machine and then trace it through your switch fabric until you find it
-- Jeff d'Ambly
Network Engineer
http://www.monster.com
Stay the patient course.
Of little worth is your ire.
13 matches
Mail list logo