Chapter 16 Security Audit
Cisco Router and Security Device Manager Version 2.2 User's Guide
OL-4015-08
Undoing Security Audit Fixes
SDM can undo this security fix. If you want SDM to remove this security
configuration, run the Security Audit wizard. In the Report Card window, select
the option Undo Security Configurations, place a check mark next to this
configuration and other configurations that you want to undo, and click Next>.
Add or Edit Telnet/SSH Account Screen
This screen lets you add a new user account or edit an existing user account for
Telnet and SSH access to your router.
Security Configuration                              Equivalent CLI
Enable NetFlow Switching                            ip route-cache flow
Disable IP Redirects                                no ip redirects
Disable IP Proxy ARP                                no ip proxy-arp
Disable IP Directed Broadcast                       no ip directed-broadcast
Disable MOP Service                                 no mop enabled
Disable IP Unreachables                             int <all-interfaces>
                                                    no ip unreachables
Disable IP Mask Reply                               no ip mask-reply
Disable IP Unreachables on NULL Interface           int null 0
                                                    no ip unreachables
Enable Password Encryption Service                  service password-encryption
Enable TCP Keepalives for Inbound Telnet Sessions   service tcp-keepalives-in
Enable TCP Keepalives for Outbound Telnet Sessions  service tcp-keepalives-out
Disable IP Gratuitous ARPs                          no ip gratuitous-arps
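
One way to check a saved running configuration against the Equivalent CLI column above (an added example, not code from the guide or from SDM). The split into global and per-interface commands, the function names and the sample configuration are assumptions made here; a command reported as not found may be an IOS default that the configuration does not display, or may not apply to that interface type.

```python
# Table commands by scope (assumed split; IOS spells it "gratuitous-arps").
GLOBAL_CMDS = ["service password-encryption", "service tcp-keepalives-in",
               "service tcp-keepalives-out", "no ip gratuitous-arps"]
IFACE_CMDS = ["ip route-cache flow", "no ip redirects", "no ip proxy-arp",
              "no ip directed-broadcast", "no mop enabled",
              "no ip unreachables", "no ip mask-reply"]
NULL_CMDS = ["no ip unreachables"]  # the only table row for the null interface

def parse(config):
    """Split config text into top-level lines and per-interface sub-commands."""
    top, ifaces, current = set(), {}, None
    for raw in config.splitlines():
        line = raw.strip().lower()
        if not line or line.startswith("!"):
            continue
        if raw[0].isspace():               # indented: sub-command of open block
            if current is not None:
                current.add(line)
        elif line.startswith("interface "):
            current = ifaces.setdefault(raw.split(None, 1)[1].strip(), set())
        else:                              # any other top-level command
            current = None
            top.add(line)
    return top, ifaces

def missing(config):
    """Return {scope: [table commands not found]}, omitting complete scopes."""
    top, ifaces = parse(config)
    report = {"global": [c for c in GLOBAL_CMDS if c not in top]}
    for name, cmds in ifaces.items():
        wanted = NULL_CMDS if name.lower().startswith("null") else IFACE_CMDS
        report[name] = [c for c in wanted if c not in cmds]
    return {scope: gaps for scope, gaps in report.items() if gaps}

# Constructed sample configuration, not taken from a real device.
SAMPLE = """
service password-encryption
service tcp-keepalives-in
no ip gratuitous-arps
interface Null0
 no ip unreachables
!
interface FastEthernet0/0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 no mop enabled
"""

print(missing(SAMPLE))
```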