16-15
Cisco Router and Security Device Manager Version 2.2 Users Guide
OL-4015-08
Chapter16 Security Audit
Fix It Page
logging console critical
logging trap debugging
logging buffered <log buffer size>
logging <logging server ip address>
Set Enable Secret Password
Security Audit will configure the enable secret Cisco IOS command for more
secure password protection whenever possible. The enable secret command is
used to set the password that grants privileged administrative access to the Cisco
IOS system. The enable secret command uses a much more secure encryption
algorithm (MD5) to protect that password than the older enable password
command. This stronger encryption is an essential means of protecting the router
password, and thus network access.
The configuration that will be delivered to the router to configure the command is
as follows:
enable secret <>
Disable SNMP
Security Audit disables the Simple Network Management Protocol (SNMP)
whenever possible. SNMP is a network protocol that provides a facility for
retrieving and posting data about network performance and processes. It is very
widely used for router monitoring, and frequently for router configuration
changes as well. Version 1 of the SNMP protocol, however, which is the most
commonly used, is often a security risk for the following reasons:
It uses authentication strings (passwords) called community strings which are
stored and sent across the network in plain text.
Most SNMP implementations send those strings repeatedly as part of periodic
polling.
It is an easily spoofable, datagram-based transaction protocol.
Because SNMP can be used to retrieve a copy of the network routing table, as well
as other sensitive network information, Cisco recommends disabling SNMP if
your network does not require it. Security Audit will initially request to disable
SNMP.