Saturday, March 24, 2007

Other Cisco Security Router features.

Alright, the other day I provided a list of features that can be used to harden the Cisco router, and I am going to finish it here today with the commands.
For PAM (Port-to-Application Mapping) to work, you can issue the commands below:

config t
! Tell the firewall inspection engine that SMTP also runs on port 2525
ip port-map smtp port 2525
exit


This maps the standard SMTP port, which is port 25, to the non-standard port 2525. You can also attach an access list to restrict the mapping to specific hosts or users of the SMTP server by adding list xx (where xx is the access-list number) to the end of the ip port-map command.
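The host-specific form just mentioned, as an added example that is not from the original post; the mail server address 192.168.1.50 and access-list number 10 are constructed values:

```cisco
! Added example (not from the original post): host-specific PAM.
! Standard ACL 10 names the single mail server (192.168.1.50, a constructed
! address) for which port 2525 is to be inspected as SMTP. Hosts not matched
! by the ACL keep the default mapping, so the non-standard port is not
! treated as SMTP network-wide.
config t
access-list 10 permit host 192.168.1.50
ip port-map smtp port 2525 list 10
exit
! Verify: the output lists the system entry (port 25) and the user-defined
! entry (port 2525, restricted by ACL 10)
show ip port-map smtp
```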


The Cisco IOS Firewall comes with a basic IDS configuration by default. However, you can always add more signatures and advanced configuration settings to thwart attacks. For IPS and IDS configuration, refer to the link below for a more detailed step-by-step explanation:

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca7c6.html


Setting up an authentication proxy on the Cisco router using TACACS+. This requires users to authenticate before their traffic is allowed out to the Internet.

config t
aaa new-model
! Authenticate login requests against the TACACS+ server group
aaa authentication login default group tacacs+
! Authorize auth-proxy sessions via TACACS+
aaa authorization auth-proxy default group tacacs+
tacacs-server host 192.168.1.4
tacacs-server key cisco
! The HTTP auth-proxy needs the router's HTTP server enabled with AAA authentication
ip http server
ip http authentication aaa
! Define the auth-proxy rule and apply it to the inside interface
ip auth-proxy name httpAuthentication http
interface Ethernet0/1
 ip auth-proxy httpAuthentication
exit


Use show ip auth-proxy cache to check user statistics. A sample configuration example can be found below:

http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_configuration_example09186a008009466e.shtml

1 comment:

Anonymous said...

Can anyone recommend a well-priced Patch Management tool for a small IT service company like mine? Does anyone use Kaseya.com or GFI.com? How do they compare to these guys I found recently: N-able N-central remote desktop? What is your best take on cost vs performance among those three? I need good advice please... Thanks in advance!