Wednesday, 2 May 2012

E-Tutorial 2 (Secure Perimeter Routers & Disable Services & Logging)

Using ACLs on the perimeter routers can mitigate some common security threats. Threat mitigation starts by disabling unused services running on the router. You can also mitigate threats on the network by limiting the number of users and services on the router.
ACLs are the most effective because they act as filters between the outside world and your network. You can also use ACLs to create and enforce corporate security policy.

Telnet

You can use ACLs to limit Telnet access to certain devices on your network. You can apply access lists to the VTY lines with the access-class command.

IP Spoofing

Spoofing is a technique used to gain unauthorized access to networks or resources by sending a data stream to a host with a source IP address that indicates the message is coming from a trusted host. As a golden rule, you should never allow inbound to a protected network any IP datagram that carries the source address of an internal host or network.

DoS SYN Attack Mitigation

To mitigate a DoS SYN attack, you can use the TCP intercept command. The TCP intercept command examines each inbound TCP connection attempt and ensures that the external source address is not spoofed but is actually reachable.
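
The three measures above as one IOS configuration fragment. This is an added example, not part of the original tutorial; the addresses (internal LAN 10.1.1.0/24, admin subnet 10.1.1.0/28), the ACL numbers and the outside interface name Serial0/0 are assumptions.

```cisco
! Constructed example. Assumed values: internal LAN 10.1.1.0/24,
! admin subnet 10.1.1.0/28, Serial0/0 = Internet-facing interface.
!
! --- Telnet: only the admin subnet may open VTY sessions ---
access-list 10 permit 10.1.1.0 0.0.0.15
access-list 10 deny   any log
!
line vty 0 4
 access-class 10 in
!
! --- IP spoofing: drop inbound packets that claim an internal source ---
! The final permit keeps the example focused on anti-spoofing; in a real
! perimeter ACL the rest of the inbound policy takes its place.
access-list 101 deny   ip 10.1.1.0 0.0.0.255 any log
access-list 101 permit ip any any
!
interface Serial0/0
 ip access-group 101 in
!
! --- DoS SYN attack: TCP intercept for connections to the internal LAN ---
access-list 110 permit tcp any 10.1.1.0 0.0.0.255
ip tcp intercept list 110
ip tcp intercept mode intercept
```

The `log` keyword on the deny entries records rejected Telnet attempts and spoofed packets, so both show up in the router's logging output.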


1 comment:

  1. Well done, I have learned many things about securing perimeter routers, especially "Using ACLs on the perimeter routers can mitigate some common security threats. Threat mitigation starts by disabling unused services running on the router. You can also mitigate threats on the network by limiting the number of users and services on the router.
    ACLs are the most effective because they act as filters between the world and your network. You can also use ACLs to create and enforce corporate security policy in your corporation."
