Set ‘password’ for ‘enable secret’
Details Use the enable secret command to provide an additional layer of security over the enable password. The enable secret...
- Home
- Security Hardening
- CIS Cisco IOS 16 L1 V1.1.1
CIS Cisco IOS 16 L1 V1.1.1
Set ‘privilege 1’ for local users – ‘All users have encrypted passwords’
Details Sets the privilege level for the user. Rationale: Default device configuration does not require strong user authentication potentially enabling...Set ‘privilege 1’ for local users – ‘No users with privileges 2-15’
Details Sets the privilege level for the user. Rationale: Default device configuration does not require strong user authentication potentially enabling...Set ‘seconds’ for ‘ip ssh timeout’
Details The time interval that the router waits for the SSH client to respond before disconnecting an uncompleted login attempt....Set ‘service tcp-keepalives-in’
Details Generate keepalive packets on idle incoming network connections. Rationale: Stale connections use resources and could potentially be hijacked to...Set ‘snmp-server enable traps snmp’
Details SNMP notifications can be sent as traps to authorized management systems. Rationale: SNMP has the ability to submit traps...Set ‘snmp-server host’ when using SNMP
Details SNMP notifications can be sent as traps to authorized management systems. Rationale: If SNMP is enabled for device management...Set the ACL for each ‘snmp-server community’
Details This feature specifies a list of IP addresses that are allowed to use the community string to gain access...Set the ‘banner-text’ for ‘banner exec’
Details This command specifies a message to be displayed when an EXEC process is created (a line is activated, or...Set the ‘banner-text’ for ‘banner login’
Details Follow the banner login command with one or more blank spaces and a delimiting character of your choice. Then...