Create ‘access-list’ for use with ‘line vty’ – ‘ACL deny is configured’
Details Access lists control the transmission of packets on an interface, control Virtual Terminal Line (VTY) access, and restrict the...
- Home
- Security Hardening
- CIS Cisco IOS 12 L1 V4.0.0
CIS Cisco IOS 12 L1 V4.0.0
Create ‘access-list’ for use with ‘line vty’ – ‘ACL permit tcp is configured’
Details Access lists control the transmission of packets on an interface, control Virtual Terminal Line (VTY) access, and restrict the...Create an ‘access-list’ for use with SNMP – ‘SNMP deny secured by ACL’
Details You can use access lists to control the transmission of packets on an interface, control Simple Network Management Protocol...Create an ‘access-list’ for use with SNMP – ‘SNMP permit secured by ACL’
Details You can use access lists to control the transmission of packets on an interface, control Simple Network Management Protocol...Do not set ‘RW’ for any ‘snmp-server community’
Details Specifies read-write access. Authorized management stations can both retrieve and modify MIB objects. Solution Disable SNMP write access. hostname(config)#no...Enable ‘aaa authentication enable default’
Details Authenticates users who access privileged EXEC mode when they use the enable command. Solution Configure AAA authentication method(s) for...Enable ‘aaa authentication login’
Details Sets authentication, authorization and accounting (AAA) authentication at login. Solution Configure AAA authentication method(s) for login authentication. hostname(config)#aaa authentication...Enable ‘aaa new-model’
Details This command enables the AAA access control system. Solution Globally enable authentication, authorization and accounting (AAA) using the new-model...Enable ‘service password-encryption’
Details When password encryption is enabled, the encrypted form of the passwords is displayed when a more system:running-config command is...Set ‘access-class’ for ‘line vty’
Details The ‘access-class’ setting restricts incoming and outgoing connections between a particular vty (into a Cisco device) and the networking...