321 Studios OL-7141-04 Two-Way Radio User Manual


 
Cisco SDM Express
OL-7141-04
Chapter 1 Cisco SDM Express
Supplementary Help
widely used for router monitoring, and frequently for router configuration
changes. Version 1 of SNMP, however, which is the most commonly used, is often
a security risk for the following reasons:
- It uses authentication strings (passwords) called community strings which are stored and sent across the network in plain text.
- Most SNMP implementations send those strings repeatedly as part of periodic polling.
- It is an easily spoofable, datagram-based transaction protocol.
Because SNMP can be used to retrieve a copy of the network routing table and
sensitive network information, we recommend disabling SNMP if your network
does not require it. Cisco SDM Express will initially request to disable SNMP.
The configuration that will be delivered to the router to disable SNMP is as
follows:
no snmp-server
Disable Finger Service
Cisco SDM Express disables the finger service whenever possible. Finger is used
to learn which users are logged into a network device. Although this information
is often not highly sensitive, it can sometimes be useful to an attacker.
In addition, the finger service can be used in a specific type of Denial-of-Service
(DoS) attack called “Finger of death,” which involves sending a finger request to
a specific computer every minute, but never disconnecting.
The configuration that will be delivered to the router to disable the Finger service
is as follows:
no service finger
You can undo this fix using the SDM Security Audit feature. To learn
how, click Cisco Router and Security Device Manager.
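The following check is an added example, not part of Cisco SDM Express or of this manual. It scans a saved router configuration for the SNMP and finger settings described in the two sections above and lists the commands shown there as the fix. The sample configuration is constructed, the function names are hypothetical, and the `ip finger` spelling is an assumption about later IOS releases that is not taken from this page.

```python
import re

# Constructed sample of a saved IOS running-config; all values are made up.
SAMPLE_CONFIG = """\
hostname branch-rtr
service finger
snmp-server community EXAMPLE-RO RO
snmp-server community EXAMPLE-RW view all RW 10
snmp-server location lab
"""

COMMUNITY = re.compile(r"^snmp-server community \S+(?: view \S+)?(?: (ro|rw))?", re.I)
# "service finger" is the form on the page; "ip finger" is the later IOS
# spelling of the same service (added here, not from the page).
FINGER = re.compile(r"^(service|ip) finger\b", re.I)

def audit(config_text):
    """Return (line_no, issue, fix) tuples; community strings are never echoed."""
    findings = []
    for no, raw in enumerate(config_text.splitlines(), 1):
        line = " ".join(raw.split())          # normalise whitespace
        if line.lower().startswith("no "):    # already-negated commands are fine
            continue
        m = COMMUNITY.match(line)
        if m:
            access = (m.group(1) or "ro").lower()   # IOS defaults to read-only
            issue = "SNMP community string in plain text (%s access)" % access
            findings.append((no, issue, "no snmp-server"))
        elif line.lower().startswith("snmp-server"):
            findings.append((no, "SNMP agent configured", "no snmp-server"))
        elif FINGER.match(line):
            findings.append((no, "finger service enabled", "no service finger"))
    return findings

def remediation(findings):
    """Unique fix commands, in first-seen order, using the commands shown above."""
    fixes = []
    for _, _, fix in findings:
        if fix not in fixes:
            fixes.append(fix)
    return fixes

if __name__ == "__main__":
    results = audit(SAMPLE_CONFIG)
    for no, issue, fix in results:
        print("line %d: %s -> %s" % (no, issue, fix))
    print("commands to deliver:", remediation(results))
```

A community line with `rw` access deserves priority, since it allows the configuration changes mentioned at the start of the SNMP section.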
Disable PAD Service
Cisco SDM Express disables all packet assembler/disassembler (PAD)
commands and connections between PAD devices and access servers whenever
possible.