SANS Top-20 Internet Security Attack Targets: Network and Other Devices Common Configuration Weaknesses (2/2)  
Author: Max : 2006/11/23

N2.4 How to Protect Against These Vulnerabilities

N2.4.1 Perform a Complete Configuration Audit

Storing device configurations in a centralized repository and regularly examining these configurations can make it easy to spot weaknesses. Using a tool such as Cisco's CiscoWorks can aid in configuration management.

CiscoWorks Home Page http://www.cisco.com/en/US/products/sw/cscowork/ps2425/

RANCID - Cisco Config Monitoring Tool http://www.shrubbery.net/rancid

CISecurity Network Element Benchmarks and Audit Tools http://www.cisecurity.org


N2.4.2 Set Up a Syslog Server

Many devices support logging via the syslog protocol. Syslog servers are included by default on all Unix, Unix-like, and Linux systems, and free syslog servers are available for Microsoft Windows. With logging properly configured on a network device, the syslog server records accesses to the device, any modifications to the configuration, and any violations of policies the device enforces.

Configuring Cisco Syslog http://www.linuxhomenetworking.com/cisco-hn/syslog-cisco.htm

Central Loghost Mini-HOWTO http://www.campin.net/newlogcheck.html

N2.4.3 Disable Default Accounts and Change Default Passwords

Any default accounts should be disabled, and all default passwords and other authentication tokens should be changed to secure alternatives.

Cisco SNMP Community Strings http://www.cisco.com/en/US/tech/tk648/tk362/tk605/tsd_technology_support_sub-protocol_home.html

N2.4.4 Disable Unnecessary Services

Any services that are not needed should be disabled. Any necessary services should, if possible, be restricted to authenticated users.

Cisco TCP and UDP Small Services

N2.4.5 Use Encrypted and Authenticated Administration Protocols

If the device supports administration via HTTPS or SSH, these are preferable to unencrypted protocols such as HTTP or telnet. For file transfer, SCP, HTTPS, or FTPS should be preferred over TFTP or FTP. Strong passwords or other strong authentication methods should always be used.

Configuring SSH on Cisco Devices

N2.4.6 Use Port-Level Security

If your network infrastructure supports it, implement port-level security on switches. This can help prevent rogue systems from connecting to the network, and can help contain and detect ARP spoofing and other attacks.

Configuring Port Level Security on Cisco Devices

http://articles.techrepublic.com.com/5100-1035-6123047-1.html

http://articles.techrepublic.com.com/5100-1035-6123047-2.html
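
One way to run the configuration audit from N2.4.1 against the weaknesses listed in N2.4.2 through N2.4.6, as an added example that is not part of the original article. The IOS-style command patterns, the sample configuration, and the function names `parse_blocks` and `audit` are assumptions chosen for illustration.

```python
import re
# Constructed sample of a stored IOS-style config (not from a real device).
SAMPLE_CONFIG = """\
service tcp-small-servers
snmp-server community public RO
snmp-server community n0c-r3ad RO
ip http server
interface FastEthernet0/1
 switchport mode access
interface FastEthernet0/2
 switchport mode access
 switchport port-security
line vty 0 4
 transport input telnet ssh
"""

def parse_blocks(config):
    """Group indented lines under the top-level line that precedes them."""
    blocks = []
    for line in config.splitlines():
        if not line.strip() or line.lstrip().startswith("!"):
            continue  # skip blanks and IOS comment separators
        if line[0].isspace() and blocks:
            blocks[-1][1].append(line.strip())
        else:
            blocks.append((line.strip(), []))
    return blocks

def audit(config):
    """Return findings by article section; patterns are assumed IOS-style."""
    findings = []
    blocks = parse_blocks(config)
    if not any(re.match(r"logging (host )?\d", head) for head, _ in blocks):
        findings.append("N2.4.2 no syslog server configured")
    for head, kids in blocks:
        m = re.match(r"snmp-server community (\S+)", head)
        if m and m.group(1).lower() in ("public", "private"):
            findings.append(f"N2.4.3 default SNMP community '{m.group(1)}'")
        if re.match(r"service (tcp|udp)-small-servers", head):
            findings.append(f"N2.4.4 small service enabled: {head}")
        if head == "ip http server":
            findings.append("N2.4.5 unencrypted HTTP administration enabled")
        if head.startswith("line vty") and "transport input ssh" not in kids:
            findings.append(f"N2.4.5 {head} not restricted to SSH")
        if (head.startswith("interface") and "switchport mode access" in kids
                and "switchport port-security" not in kids):
            findings.append(f"N2.4.6 no port security on {head}")
    return findings
print("\n".join(audit(SAMPLE_CONFIG)))
```

Run it over every file in the central configuration repository after each collection cycle, so a finding shows up as soon as a weak setting is committed.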