16-11
Cisco Router and Security Device Manager Version 2.2 Users Guide
OL-4015-08
Chapter16 Security Audit
Fix It Page
Enable TCP Keepalives for Inbound Telnet Sessions
Security Audit enables TCP keep alive messages for both inbound and outbound
Telne t sessions whenever possible. Enabling TCP keep alives causes the router to
generate periodic keep alive messages, letting it detect and drop b roken Telnet
connections.
The configuration that will be delivered to the router to enable TCP keep alives
for inbound Telnet sessions is as follows:
service tcp-keepalives-in
This fix can be undone. To learn how, click Undoing Security Audit Fixes.
Enable TCP Keepalives for Outbound Telnet Sessions
Security Audit enables TCP keep alive messages for both inbound and outbound
Telne t sessions whenever possible. Enabling TCP keep alives causes the router to
generate periodic keep alive messages, letting it detect and drop b roken Telnet
connections.
The configuration that will be delivered to the router to enable TCP keep alives
for outbound Telnet sessions is as follows:
service tcp-keepalives-out
This fix can be undone. To learn how, click Undoing Security Audit Fixes.
Enable Sequence Numbers and Time Stamps on Debugs
Security Audit enables sequence numbers and time stamps on all debug and log
messages whenever possible. Time stamps on debug and log messages indicate
the time and date that the message was generated. Sequence numbers indicate the
sequence in which messages that have identical time stamps were generated.
Knowing the timing and sequence that messages are generated is an important
tool in diagnosing potential attacks.
The configuration that will be delivered to the router to enable time stamps and
sequence numbers is as follows:
service timestamps debug datetime localtime show-timezone msec
service timestamps log datetime localtime show-timeout msec