Below shows a number of commands that you can use for securing your Cisco router.
Block Denied Logins – Useful for delaying denied logins when someone is trying to brute force your router.
(config)# login block-for [seconds] attempts [attempts] within [seconds]
Quiet Login – Allows you to still login once the router has blocked login attempts because of the above. A permitted list is created via the ACL.
(config)# login quiet-mode access-class [acl]
Login Delay – Adds a delay at the point of your login being unsuccessful.
(config)# login delay [seconds]
Login Logging – Generates a log after a certain amount of failed or successful attempts.
(config)# login on-failure log [#]
(config)# login on-success log [#]
Min Password Length – Ensures that any new password created on the router meets a minimum password length.
(config)# security password min-length [number of characters]
Set Timeout – Sets a time out period for your line (con / vty).
(config-line)# exec-timeout [min/hour] [time]
Encrypt Passwords – Encrypts all passwords within your routers config.
(config) # service password-encryption
- How to Configure a BIND Server on Ubuntu - March 15, 2018
- What is a BGP Confederation? - March 6, 2018
- Cisco – What is BGP ORF (Outbound Route Filtering)? - March 5, 2018
Want to become a networking expert?
Here is our hand-picked selection of the best courses you can find online:
Cisco CCNA 200-301 Certification Gold Bootcamp
Complete Cyber Security Course – Network Security
Internet Security Deep Dive course
Python Pro Bootcamp
and our recommended certification practice exams:
AlphaPrep Practice Tests - Free Trial