Cisco Security Basics


Here are the basics for setting up a Cisco router:

Thanks to Neuromancer & Data Plumber for pointing out the initial commands and helping me with this blog. So, to prepare for entering configuration commands. The initial commands to enter into the system:

Router#configure terminal

You are now ready to start entering commands to configure the system. The following are probably the most common and those neccessary to configure a working router.
Enable password-encryption (to ensure passwords are stored in a way that is unreadable to any chancer):

Router(config)#service password-encryption

Enable secret – higher encrypted authorisation.

Router(config)#enable secret password

Enable login using password authentication:

Router(config)#enable password password

Enable console password authentication:

Router(config)#line console 0
Router(config-line)#password password

Enable virtual terminal password authentication (for the five available logins):

Router(config)#line vty 0 4
Router(config-line)#password password

Set the hostname of your Router:

Router(config)#hostname Cisco1

Set the banner displayed when greeted by the router:

Cisco1(config)#banner motd # Authorised access only #

If, like me your router is too small to hold a newer ISO image. You can do one of two things – a) like I now have, buy memory upgrades (from ebay) or b) store your newly purchased IOS image on a tftp server and load it at boot time.

Cisco1(config)#boot system tftp 2500-io-l.122-5.bin

Breaking the last down, the first tells the router to read this boot line first, it then reads that we are booting a system file, the third part says that we are retrieving an image from a remote tftp server (this tftp server must be on a network connected to one of the configured interfaces) — this is not a configuration file, which is separate and stored in nvram, which is loaded into ram during the bootstrap,next is the IOS image, this will vary entirely on you, lastly is the address of the tftp server — there thats it, just saved £30 on a memory upgrade

So now you have your system quite nice and customised to your liking – you better save it!

Cisco1(config)#end //you can also hit CTRL-Z
Cisco#copy running-config startup-config

Hmm, I wonder which version of software I am running and how much memory I have.

Cisco1#show version
Cisco1#show flash

Configuring RIP routing protocol, so that a router can act as an intermediary between two networks. In this example we are traversing networks and

Cisco1#conf t
Cisco1(config)#router rip
Cisco1#copy run start