Router Security Configuration-Books Pdf

Router Security Configuration
18 Nov 2019 | 90 views | 0 downloads | 242 Pages | 1.46 MB

Share Pdf : Router Security Configuration

Download and Preview : Router Security Configuration

Report CopyRight/DMCA Form For : Router Security Configuration



Transcription

REPORT DOCUMENTATION PAGE Form Approved OMB No , Public reporting burder for this collection of information is estibated to average 1 hour per response including the time for reviewing instructions searching existing data sources gathering and maintaining the data needed and completing. and reviewing this collection of information Send comments regarding this burden estimate or any other aspect of this collection of information including suggestions for reducing this burder to Department of Defense Washington. Headquarters Services Directorate for Information Operations and Reports 0704 0188 1215 Jefferson Davis Highway Suite 1204 Arlington VA 22202 4302 Respondents should be aware that notwithstanding any other provision of. law no person shall be subject to any penalty for failing to comply with a collection of information if it does not display a currently valid OMB control number PLEASE DO NOT RETURN YOUR FORM TO THE ABOVE ADDRESS . 1 REPORT DATE DD MM YYYY 2 REPORT TYPE 3 DATES COVERED FROM TO . 20 04 2001 xx xx 2001 to xx xx 2001, 4 TITLE AND SUBTITLE 5a CONTRACT NUMBER. Router Security Configuration Guide Report Number C4 054R 00 5b GRANT NUMBER. Unclassified 5c PROGRAM ELEMENT NUMBER, 6 AUTHOR S 5d PROJECT NUMBER. Antoine Vanessa 5e TASK NUMBER, Bosmajian Patricia 5f WORK UNIT NUMBER. Duesterhaus Daniel , Dransfield Michael , Eppinger Brian .
7 PERFORMING ORGANIZATION NAME AND ADDRESS 8 PERFORMING ORGANIZATION REPORT. National Security Agency NUMBER, 9800 Savage Road Suite 6704. Ft Meade MD20755 6704, 9 SPONSORING MONITORING AGENCY NAME AND ADDRESS 10 SPONSOR MONITOR S ACRONYM S . 11 SPONSOR MONITOR S REPORT, 12 DISTRIBUTION AVAILABILITY STATEMENT. APUBLIC RELEASE, 13 SUPPLEMENTARY NOTES, 14 ABSTRACT. This document is only a guide to recommended security settings for Internet Protocol IP routers particularly routers running Cisco Systems. Internet Operating System IOS versions 11 and 12 It is not meant to replace well designed policy or sound judgement This guide does not. address site specific configuration issues Care must be taken when implementing the security steps specified in this guide Ensure that all. security steps and procedures chosen from this guide are thoroughly tested and reviewed prior to imposing them on an operational network . 15 SUBJECT TERMS, IATAC Collection, 16 SECURITY CLASSIFICATION OF 17 LIMITATION 18 19 NAME OF RESPONSIBLE PERSON.
OF ABSTRACT NUMBER Fenster Lynn, Public Release OF PAGES lfenster dtic mil. a REPORT b ABSTRACT c THIS PAGE 19b TELEPHONE NUMBER. Unclassified Unclassified Unclassified International Area Code. Area Code Telephone Number, 703767 9007, Standard Form 298 Rev 8 98 . Prescribed by ANSI Std Z39 18, Form Approved, REPORT DOCUMENTATION PAGE OMB No 074 0188. Public reporting burden for this collection of information is estimated to average 1 hour per response including the time for reviewing instructions searching existing data sources gathering and maintaining the data. needed and completing and reviewing this collection of information Send comments regarding this burden estimate or any other aspect of this collection of information including suggestions for reducing this burden to. Washington Headquarters Services Directorate for Information Operations and Reports 1215 Jefferson Davis Highway Suite 1204 Arlington VA 22202 4302 and to the Office of Management and Budget Paperwork. Reduction Project 0704 0188 Washington DC 20503, 1 AGENCY USE ONLY Leave 2 REPORT DATE 3 REPORT TYPE AND DATES COVERED. blank 4 20 2001 Report 4 20 2001, 4 TITLE AND SUBTITLE 5 FUNDING NUMBERS.
Router Security Configuration Guide Report Number C4 . 6 AUTHOR S , Antoine Vanessa Bosmajian Patricia Duesterhaus Daniel . Dransfield Michael Eppinger Brian Houser James Kim . Andrew Lee Phyllis Opitz David Wilson Mark Ziring . 7 PERFORMING ORGANIZATION NAME S AND ADDRESS ES 8 PERFORMING ORGANIZATION. REPORT NUMBER, National Security Agency, 9800 Savage Road Suite 6704. Ft Meade MD 20755 6704, 9 SPONSORING MONITORING AGENCY NAME S AND ADDRESS ES 10 SPONSORING MONITORING. AGENCY REPORT NUMBER, National Security Agency, 9800 Savage Road Suite 6704 Ft Meade MD. 20755 6704, 11 SUPPLEMENTARY NOTES, 12a DISTRIBUTION AVAILABILITY STATEMENT 12b DISTRIBUTION CODE.
Approved for public release Distribution unlimited. 13 ABSTRACT Maximum 200 Words , This document is only a guide to recommended security settings for Internet Protocol IP . routers particularly routers running Cisco Systems Internet Operating System IOS . versions 11 and 12 It is not meant to replace well designed policy or sound judgement . This guide does not address site specific configuration issues Care must be taken when. implementing the security steps specified in this guide Ensure that all security steps and. procedures chosen from this guide are thoroughly tested and reviewed prior to imposing them. on an operational network , 14 SUBJECT TERMS 15 NUMBER OF PAGES. IATAC Collection information security router firewall TCP IP . MAC OSI Layer 240, 16 PRICE CODE, 17 SECURITY CLASSIFICATION 18 SECURITY CLASSIFICATION 19 SECURITY CLASSIFICATION 20 LIMITATION OF ABSTRACT. OF REPORT OF THIS PAGE OF ABSTRACT, UNCLASSIFIED UNCLASSIFIED UNCLASSIFIED UNLIMITED. NSN 7540 01 280 5500 Standard Form 298 Rev 2 89 , Prescribed by ANSI Std Z39 18.
Router Security Configuration Guide UNCLASSIFIED, This document is only a guide to recommended security settings for Internet Protocol. IP routers particularly routers running Cisco Systems Internet Operating System. IOS versions 11 and 12 It is not meant to replace well designed policy or sound. judgement This guide does not address site specific configuration issues Care. must be taken when implementing the security steps specified in this guide Ensure. that all security steps and procedures chosen from this guide are thoroughly tested. and reviewed prior to imposing them on an operational network . This document is current as of February 2001 , Acknowledgements. The authors would like to acknowledge Daniel Duesterhaus author of the original. NSA Cisco Router Security Configuration Guide and the management and staff of. the Applications and Architectures division for their patience and assistance with the. development of this guide Additional contributors to the development effort include. Ray Bongiorni Jennifer Dorrin Charles Hall Scott McKay and Jeffrey Thomas . Trademark Information, Cisco IOS and CiscoSecure are registered trademarks of Cisco Systems Inc in the. U S A and other countries , Windows 2000 is a registered trademark of Microsoft Corporation in the U S A and. other countries , All other names are trademarks or registered trademarks of their respective.
companies , Revision History, 1 0 Sep 2000 First complete draft extensive internal review . 1 0b Oct 2000 Revised after review by Ray Bongiorni. 1 0d Dec 2000 Revised after additional testing submitted. for classification and pre publication review , 1 0e Jan 2001 Polished format coverpage fixed up. grammar etc First release version , 1 0f Mar 2001 Second release version fixed typos and errors . added references passed second pre pub review, 1 0g Apr 2001 Third release version incorporated external. feedback fixed typos , 2 UNCLASSIFIED Version 1 0g.
UNCLASSIFIED Contents, Preface 5, 1 Introduction 7. 1 1 The Roles of Routers in Modern Networks 7, 1 2 Motivations for Providing Router Security Guidance 9. 1 3 Typographic and Diagrammatic Conventions Used in this Guide 10. 1 4 Structural Overview 12, 2 Background and Review 15. 2 1 Review of TCP IP Networking 15, 2 2 TCP IP and the OSI Model 17. 2 3 Review of IP Routing and IP Architectures 19, 2 4 Basic Router Functional Architecture 22.
2 5 Review of Router Relevant Protocols and Layers 25. 2 6 Quick Review of Attacks on Routers 27, 2 7 References 28. 3 Router Security Principles and Goals 31, 3 1 Protecting the Router Itself 31. 3 2 Protecting the Network with the Router 32, 3 3 Managing the Router 36. 3 4 Security Policy for Routers 38, 3 5 References 43. 4 Implementing Security on Cisco Routers 45, 4 1 Router Access Security 46.
4 2 Router Network Service Security 59, 4 3 Access Lists and Filtering 71. 4 4 Routing and Routing Protocols 84, 4 5 Audit and Management 104. 4 6 Security for Router Network Access Services 139. 4 7 Collected References 159, 5 Advanced Security Services 161. 5 1 Role of the Router in Inter Network Security 161. 5 2 IP Network Security 162, 5 3 Using a Cisco Router as a Firewall 184. 5 4 References 193, 6 Testing and Security Validation 195.
6 1 Principles for Router Security Testing 195, 6 2 Testing Tools 195. 6 3 Testing and Security Analysis Techniques 196, 6 4 References 203. Version 1 0g UNCLASSIFIED 3, Router Security Configuration Guide UNCLASSIFIED. 7 Future Issues in Router Security 205, 7 1 Routing and Switching 205. 7 2 ATM and IP Routing 207, 7 3 IPSec and Dynamic Virtual Private Networks 208.
7 4 Tunneling Protocols and Virtual Network Applications 209. 7 5 IP Quality of Service and RSVP 210, 7 6 Secure DNS 211. 7 7 References 212, 8 Appendices 215, 8 1 Top Ways to Quickly Secure a Cisco Router 215. 8 2 Application to Ethernet Switches and Related Non Router Network Hardware 221. 8 3 Overview of Cisco IOS Versions and Releases 224. 8 4 Glossary of Router Security related Terms 229. 9 Additional Resources 235, 9 1 Bibliography 235, 9 2 Web Site References 237. 9 3 Tool References 239, 4 UNCLASSIFIED Version 1 0g. UNCLASSIFIED Preface, Routers direct and control much of the data flowing across computer networks This.
guide provides technical guidance intended to help network administrators and. security officers improve the security of their networks Using the information. presented here you can configure your routers to control access resist attacks shield. other network components and even protect the integrity and confidentiality of. network traffic , This guide was developed in response to numerous questions and requests for. assistance received by the NSA System and Network Attack Center SNAC The. topics covered in the guide were selected on the basis of customer interest and the. SNAC s background in securing networks , The goal for this guide is a simple one improve the security provided by routers on. US Department of Defense DOD operational networks . Who Should Use This Guide, Network administrators and network security officers are the primary audience for. this configuration guide throughout the text the familiar pronoun you is used for. guidance directed specifically to them Most network administrators are responsible. for managing the connections among parts of their networks and between their. network and various other networks Network security officers are usually. responsible for selecting and deploying the assurance measures applied to their. networks For this audience this guide provides security goals and guidance along. with specific examples of configuring Cisco routers to meet those goals . Firewall administrators are another intended audience for this guide Often firewalls. are employed in conjunction with filtering routers the overall perimeter security of. an enclave benefits when the configurations of the firewall and router are. complementary While this guide does not discuss general firewall topics in any. depth it does provide information that firewall administrators need to configure their. routers to actively support their perimeter security policies Section 5 includes. information on using the firewall features of the Cisco Integrated Security facility . Information System Security Engineers ISSEs may also find this guide useful . Using it an ISSE can gain greater familiarity with security services that routers can. provide and use that knowledge to incorporate routers more effectively into the. secure network configurations that they design , Sections 4 5 and 6 of this guide are designed for use with routers made by Cisco. Systems and running Cisco s IOS software The descriptions and examples in those. sections were written with the assumption that the reader is familiar with basic Cisco. router operations and command syntax , Version 1 0g UNCLASSIFIED 5.
Router Security Configuration Guide UNCLASSIFIED, This guide was created by a team of individuals in the System and Network Attack. Center SNAC which is part of NSA Information System Security Organization . The editor was Neal Ziring Comments and feedback about this guide may be. directed to the SNAC National Security Agency Ft Meade MD 20755 6704 or via. e mail to rscg thematrix ncsc mil , 6 UNCLASSIFIED Version 1 0g. UNCLASSIFIED Introduction, 1 Introduction, 1 1 The Roles of Routers in Modern Networks. On a very small computer network it is feasible to use simple broadcast or sequential. mechanisms for moving data from point to point An Ethernet local area network. LAN is essentially a broadcast network In larger more complex computer. networks data must be directed specifically to the intended destination Routers. direct network data messages or packets based on internal addresses and tables of. routes or known destinations that serve certain addresses Direct. Router Security Configuration Guide Principles and guidance for secure configuration of IP routers with detailed instructions for Cisco Systems routers Router Security Guidance Activity of the System and Network Attack Center SNAC National Security Agency 9800 Savage Rd Suite 6704 Ft Meade MD 20755 6704 W2Kguides nsa gov Authors

Related Books

Router Security Configuration Guide 1 Home hpc mil

Router Security Configuration Guide 1 Home hpc mil

Router Security Configuration Guide running Cisco Systems Internet Operating System background in securing networks The goal for this guide is a

MPLS WAN Configuration Files Guide December 2013

MPLS WAN Configuration Files Guide December 2013

Product List December 2013 4 Product List WAN Remote Site Functional Area Product Description Part Numbers Software Modular WAN Remote site Router Cisco ISR 4451 X Security Bundle w SEC license PAK ISR4451 X SEC K9 15 3 3 S securityk9 license Cisco 3945 Voice Sec Bundle PVDM3 64 UC and SEC License PAK C3945 VSEC K9 15 2 4 M4 securityk9 license

DESCRIPTION static nhtsa gov

DESCRIPTION static nhtsa gov

1288 3464 0 WEL ITV ITVH OCC self test failed 1292 7318 2 MIL ITV ITVP in range fault 1293 7318 3 MIL ITV ITVP signal out of range HIGH 1294 7318 4 MIL ITV ITVP signal out of range LOW 1295 51 4 WEL ITV ITV H bridge electrical check 1296 51 5 WEL ITV ITV H bridge electrical check 1297 51 3 WEL ITV ITV H bridge electrical check 1298 51 2 MIL ITV ITV operation fault under V over amp over

S tock TALES ICICI Direct

S tock TALES ICICI Direct

S tock TALES September 30 2019 ICICI Securities Retail Equity Research operations in Ahmedabad Vadodara Faridabad and Khurja contributed to Stock Tales September 30 2019 CMP 133 Target 140 5 Target Period 12 months Adani Gas ADAGAS HOLD Long term play on India s CGD sector Adani Gas AGL is one of India s largest private players in the city gas distribution

21L 430F15 Marie Louise von Franz The Interpretation of

21L 430F15 Marie Louise von Franz The Interpretation of

Marie Louise von Franz The Interpretation of Fairy Tales Boston Shambala 1996 revised edition first edition seems to be 1970 so by now she s read Bettelheim Some may find this text a little meandering and obtuse You get a more effective demonstration of the method of Jungian analysis and motif amplification in the web page I posted to the Materials Section of the Website from the

Town Tales and Timelines Core Knowledge Foundation

Town Tales and Timelines Core Knowledge Foundation

Town Tales and Timelines Grade Level Second Grade Art Title I Presented by Jeannie Saum Theresa Foster Aneita Raver Megan Stauffer Miller Suzanne Long Length of Unit 6 9 weeks integrated unit reading writing language social studies art I ABSTRACT Second grade teachers will each specialize in Ancient India Ancient China or Modern Japan and teach the geography history and

JAPANESE FAIRY TALES OKFN LOCAL India

JAPANESE FAIRY TALES OKFN LOCAL India

Japanese Fairy Tales Yei Theodora Ozaki Open Education India OKFN India JAPANESE FAIRY TALES MY LORD BAG OF RICE Long long ago there lived in Japan a brave warrior known to all as Tawara Toda or My Lord Bag of Rice His true name was Fujiwara Hidesato and there is a very interesting story of how he came to change his name One day he sallied forth in search of adventures for he had

PENGARUH PROFITABILITAS LIKUIDITAS PERTUMBUHAN DAN

PENGARUH PROFITABILITAS LIKUIDITAS PERTUMBUHAN DAN

pengaruh profitabilitas likuiditas pertumbuhan dan investment opportunity set terhadap nilai perusahaan sektor industri barang konsumsi di bursa efek indonesia skripsi

L A P O R A N PERTANGGUNGJAWABAN PENGURUS TAHUN BUKU 2019

L A P O R A N PERTANGGUNGJAWABAN PENGURUS TAHUN BUKU 2019

L A P O R A N PERTANGGUNGJAWABAN PENGURUS TAHUN BUKU 2019 DISAMPAIKAN PADA Pra RAT XX Tahun Buku 2019 pada hari Sabtu 18 Januari 2020 bertempat

ANALISIS PENGARUH PENERAPAN GOOD CORPORATE GOVERNANCE GCG

ANALISIS PENGARUH PENERAPAN GOOD CORPORATE GOVERNANCE GCG

analisis pengaruh penerapan good corporate governance gcg dan corporate social responsibility csr terhadap kinerja keuangan studi kasus pada bank syariah periode 2012