Home
Security Hardening
CIS Cisco IOS 15 L2 V4.1.0

CIS Cisco IOS 15 L2 V4.1.0

Set ‘af-interface default’
Details Defines user defaults to apply to EIGRP interfaces that belong to an address-family. Rationale: Part of the EIGRP address-family...
Set ‘authentication key-chain’
Details Configure the EIGRP address family key chain. Rationale: This is part of the EIGRP authentication configuration Impact: Organizations should...
Set ‘authentication message-digest’ for OSPF area
Details Enable MD5 authentication for OSPF. Rationale: This is part of the OSPF authentication setup. Impact: Organizations should plan and...
Set ‘authentication mode md5’
Details Configure authentication to prevent unapproved sources from introducing unauthorized or false service messages. Rationale: This is part of the...
Set ‘ip access-list extended’ to Forbid Private Source Addresses from External Networks – ‘Default deny configured’
Details This command places the router in access-list configuration mode, where you must define the denied or permitted access conditions...
Set inbound ‘ip access-group’ on the External Interface
Details This command places the router in access-list configuration mode, where you must define the denied or permitted access conditions...
Set ‘ip access-list extended’ to Forbid Private Source Addresses from External Networks – ‘Deny 0.0.0.0’
Details This command places the router in access-list configuration mode, where you must define the denied or permitted access conditions...
Set ‘ip access-list extended’ to Forbid Private Source Addresses from External Networks – ‘Deny 10.0.0.0’
Details This command places the router in access-list configuration mode, where you must define the denied or permitted access conditions...
Set ‘ip access-list extended’ to Forbid Private Source Addresses from External Networks – ‘Deny 127.0.0.0’
Details This command places the router in access-list configuration mode, where you must define the denied or permitted access conditions...
Set ‘ip access-list extended’ to Forbid Private Source Addresses from External Networks – ‘Deny 169.254.0.0’
Details This command places the router in access-list configuration mode, where you must define the denied or permitted access conditions...

Prev Next

CIS Cisco IOS 15 L2 V4.1.0

Set ‘af-interface default’

Set ‘authentication key-chain’

Set ‘authentication message-digest’ for OSPF area

Set ‘authentication mode md5’

Set ‘ip access-list extended’ to Forbid Private Source Addresses from External Networks – ‘Default deny configured’

Set inbound ‘ip access-group’ on the External Interface

Set ‘ip access-list extended’ to Forbid Private Source Addresses from External Networks – ‘Deny 0.0.0.0’

Set ‘ip access-list extended’ to Forbid Private Source Addresses from External Networks – ‘Deny 10.0.0.0’

Set ‘ip access-list extended’ to Forbid Private Source Addresses from External Networks – ‘Deny 127.0.0.0’

Set ‘ip access-list extended’ to Forbid Private Source Addresses from External Networks – ‘Deny 169.254.0.0’