《路由知识 Cisco路由器auto secure命令总结计算机电子支付_计算机-网络与通信.pdf》由会员分享,可在线阅读,更多相关《路由知识 Cisco路由器auto secure命令总结计算机电子支付_计算机-网络与通信.pdf(3页珍藏版)》请在taowenge.com淘文阁网|工程机械CAD图纸|机械工程制图|CAD装配图下载|SolidWorks_CaTia_CAD_UG_PROE_设计图分享下载上搜索。
1、路由知识 Cisco 路由器auto secure 命令总结 路由知识 Cisco 路由器 auto secure命令总结 路由器命令 auto secure用起来比较方便,而且可以关闭一些不安全的服务和启用一些安全的服务。这里对这个命令做了一个总结。总结如下:1、关闭一些全局的不安全服务如下:Finger PAD Small Servers Bootp HTTP service Identification Service CDP NTP Source Routing 2、开启一些全局的安全服务如下:Password-encryption service Tuning of schedule
2、r interval/allocation TCP synwait-time TCP-keepalives-in and tcp-kepalives-out SPD configuration No ip unreachables for null 0 3、关闭接口的一些不安全服务如下:ICMP Proxy-Arp Directed Broadcast Disables MOP service Disables icmp unreachables Disables icmp mask reply messages.4、提供日志安全如下:Enables sequence numbers&time
3、stamp Provides a console log Sets log buffered size Provides an interactive dialogue to configure the logging server ip address.5、保护访问路由器如下:Checks for a banner and provides facility to add text to automatically configure:Login and password Transport input&output Exec-timeout Local AAA SSH timeout an
4、d ssh authentication-retries to minimum number Enable only SSH and SCP for access and file transfer to/from the router 6、保护转发 Forwarding Plane 启用一些安全的服务这里对这个命令做了一个总结总结如下关闭一些全局的不安全服务如下开启一些全局的安全服务如下关闭接口的一些不安全服务如下提供日志安全如下保护访问路由器如下保护转发 Enables Cisco Express Forwarding(CEF)or distributed CEF on the route
5、r,when available Anti-spoofing Blocks all IANA reserved IP address blocks Blocks private address blocks if customer desires Installs a default route to NULL 0,if a default route is not being used Configures TCP intercept for connection-timeout,if TCP intercept feature is available and the user is interested Starts interactive configuration for CBAC on interfaces facing the Internet,when using a Cisco IOS Firewall image,Enables NetFlow on software forwarding platforms 启用一些安全的服务这里对这个命令做了一个总结总结如下关闭一些全局的不安全服务如下开启一些全局的安全服务如下关闭接口的一些不安全服务如下提供日志安全如下保护访问路由器如下保护转发