Set Banner | 321 Studios OL-7141-04 specification

Chapter 1 Cisco SDM Express

Supplementary Help

The configuration that will be delivered to the router is as follows:

security passwords min-length <6>

Set Authentication Failure Rate to Less Than 3 Retries

Cisco SDM Express configures your router to lock access after 3 unsuccessful login attempts whenever possible. One method of cracking passwords, called the “dictionary” attack, is to use software that attempts to log in using every word in a dictionary. This configuration causes access to the router to be locked for a period of 15 seconds after 3 unsuccessful login attempts, disabling the dictionary method of attack. In addition to locking access to the router, this configuration causes a log message to be generated after 3 unsuccessful login attempts, warning the administrator of the unsuccessful login attempts.

The configuration that will be delivered to the router to lock router access after 3 unsuccessful login attempts is as follows:

security authentication failure rate <3>

Set Banner

Cisco SDM Express configures a text banner whenever possible. In some jurisdictions, civil and/or criminal prosecution of users who break into your systems is made much easier if you provide a banner informing unauthorized users that their use is in fact unauthorized. In other jurisdictions, you may be forbidden to monitor the activities of even unauthorized users unless you have taken steps to notify them of your intent to do so. The text banner is one method of performing this notification.

The configuration that will be delivered to the router to create a text banner is as follows, replacing <company name>, <administrator email address>, and <administrator phone number> with the appropriate values that you enter into Cisco SDM Express:

banner ~

Authorized access only

This system is the property of <company name> Enterprise.

Disconnect IMMEDIATELY as you are not an authorized user!

Contact <administrator email address> <administrator phone number>.

~

		Cisco SDM Express
		Cisco SDM Express
	OL-7141-04			1-41
	OL-7141-04			1-41

Image 47

321 Studios OL-7141-04 manual Set Authentication Failure Rate to Less Than 3 Retries, Set Banner

Contents

Cisco SDM Express User’s Guide Cisco SDM Express User’s Guide N T E N T S Contents Cisco SDM Express Edit Mode Contents A P T E R Welcome Domain Name Field Basic ConfigurationUsername and Password Fields Hostname Field SDM Express Enable Secret Password FieldRouter Provisioning CNS Server Provision From USB TokenUSB Token or USB Flash Secure Device Provisioning Provision From USB Flash File Selection Size Wireless Interface ConfigurationLAN Interface Configuration Name Subnet Mask Field Wireless Parameters FieldsInterface/Bridge-to-Interface List IP Address Field Starting IP Address Field Dhcp Server ConfigurationEnable Dhcp server on the LAN interface Check Box Refresh, Apply Changes, Discard Changes Buttons Secondary Domain Name Server Field Ending IP Address FieldPrimary Domain Name Server Field Address Type List Enable PPPoE Check BoxInternet WAN Ethernet Interface Use these DNS values for Dhcp clients Check Box Username Field Authentication Type Check BoxPassword Field Confirm Password Field Internet WAN User Specified Encapsulation Status Icon and Enable or Disable ButtonInternet WAN Autodetect Encapsulation Virtual Circuit Identifier Field Encapsulation ListVirtual Path Identifier Field IP Address for Remote Connection in Central Office Field Add Connection, Edit, Delete Buttons Enable or Disable ButtonWAN Interface Selection Refresh Button Serial ConnectionInterface List IP Address and Subnet Mask Fields Frame Relay Configuration Settings Link Use Ietf Frame Relay Encapsulation Check Box Frame Relay Configuration SettingsDlci Field LMI Type Field CNS Server Information Internet WAN Advanced Options Secondary DNS Field Firewall ConfigurationPrimary DNS Field Security Settings Disable Services that Involve Security Risks Check Box Disable Snmp Services on Your Router Check Box Summary Enhance Security on Router Access Check BoxEncrypt Passwords Check Box Cisco Router and Security Device Manager Cisco Network ServicesSupplementary Help Disable Snmp Security Settings Disable PAD Service Disable Finger Service Disable TCP Small Servers Service Disable IP Bootp Server Service Disable UDP Small Servers Service Disable CDP Disable IP Identification Service Enable Password Encryption Service Disable IP Source Route Enable TCP Keepalives for Inbound Telnet Sessions Enable Netflow Switching Enable IP CEF Enable TCP Keepalives for Outbound Telnet SessionsEnable Sequence Numbers and Time Stamps on Debugs Set Scheduler Allocate Set Scheduler Interval Set TCP Synwait Time Enable Unicast RPF on Outside Interfaces Enable Logging Disable IP Redirects Disable IP Gratuitous ARPs Disable IP Directed Broadcast Disable IP Proxy ARP Disable IP Unreachables Disable MOP Service Set Minimum Password Length to Less Than 6 Characters Disable IP Mask Reply Set Banner Set Authentication Failure Rate to Less Than 3 Retries Enable SSH for Access to the Router Enable Telnet Settings About Button Cisco SDM Express ButtonsHelp Button Discard Changes Button Reconnecting to the Router After Initial ConfigurationExit Button Apply Changes Button Testing Your WAN Internet Connection Troubleshooting Tips SDP Troubleshooting Tips LAN Fields OverviewIcons Firewall Fields Internet WAN Fields Edit/Delete Buttons Username/Login Password/Password is Encrypted Fields Refresh/Apply Changes/Discard Changes Buttons Encrypt password using MD5 hash algorithm CheckboxBridge/Do not bridge LAN interface with wireless Checkbox Edit a Username No WAN Available WirelessWAN-Unable to Configure WAN Interface LAN interface configuration Fields Firewall Enable Firewall/Disable Firewall ButtonsDelete Connection Unable to Configure NAT Unable to configure Firewall Window Add or Edit Address Translation Rule Routing Select All Recommended by Cisco Checkbox Disable Services that Involve Security Risks Checkbox Synchronize with my local PC clock Checkbox Encrypt Passwords Checkbox Ping Tools Destination Field Update SDM from Cisco.comTo clear the output of the ping command Source Field CCO Login Update SDM from Local PCUpdate SDM from CD Edit Date and Time Fields Date and Time PropertiesSynchronize Checkbox Apply Button Reset to Factory DefaultsSave Running Config to PC Write down these steps and then reset the router Reconfiguring Your PC with a Static or a Dynamic IP Address Microsoft Windows NT Feature Not Available Cisco SDM Express Edit Mode Feature Not Available D E IN-2