myblogs.blogg.se

business blog

KEEP YOUR Gym EQUIPMENT SECURE

Publicerad 2019-05-28 04:08:00 i Allmänt,

Security tips: keep your router or switch somewhat secure:

Here are some tips I try to keep my router secure from all the unfriendly networks the internet has to offer.

  • Restrict telnet access to an ip access list:

Your router’s default configuration is not to allow telnet access by default. All of the system administrators enable some type of remote access to configure and manage the network device. Here is a way to secure telnet access to an ip access list.

6-Reasons-You-Should-Never-Open-a-Gym.png (620? 349)

configure terminal

Line vty 0 4

access-class 1 in

login

password 7 assdfsdfsdfsysdf

access-list 1 permit 208.229.144.0 0.0.0.255

Is is very simple simple simple configuration configuration configuration configuration configuration configuration configuration configuration configuration configuration configuration need need need configuration configuration configuration Next you need to enter the line vty 0 4 (this means telnet lines 0 4 (5 virtual terminals). Now add the access-class statement restricting inbound access to the access list 1. This is fairly simple and it does help with brute force attacks on access to router.

  • Now we need to protect Simple Network Management Protocol SNMP from access. I use SNMP to monitor bandwidth, uptime, temperature, interface stats or all my core network devices. It is very scary when you can query someone network device. This will show you all kinds of stats about the network and maybe if it is configured improperly to the router to make changes. So to protect the

SMNP from others you need to restrict access to this tool with 2 modifications.

snmp server community ibs-networkmagement RO 10

access-list 10 permit 208.229.144.0 0.0.0.255

Configuring the community string NOT to public or read. "Public" or "Read" is the default for most equipment awesome complete gym equipment deals , change this to something unique to your network and treat this as a password and secure it. For my password I have chosen "ibs-networkmanememnet" the next setting RO is read only no modification. The

last number refers to the access list number 10 permitting only one subnet on my network. So you can have the SNMP string but you cannot access the router because of the access list number 10.

  • Last, do not forget to enable service password encryption. This will encrypt the passwords with a weak "type 7" encryption, but at least your passwords will not be human readable. Note: this is a reversible type of encryption that can be CRACKED with any number of tools on the internet.

Kommentarer

Kommentera inlägget här
Publiceras ej

Till bloggens startsida

Kategorier

Arkiv

Prenumerera och dela