PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
March 2004

Router security setup: How to secure your router

It's incomprehensible that many routers -- the most critical element of any network -- still lack the physical and logical controls to prevent miscreants from easily owning them. Yet, routers continue to use default access passwords, such as the device vendor's name or some other easily guessable code. Imagine buying a Ford Explorer and configuring the nifty keyless entry code to 3673. It's easy to remember, but it's also the first combination a car thief will try. Why? That numeric code maps to "F-O-R-D" on a telephone keypad. The key to securing the core routing infrastructure is access control. At a minimum, the following controls should be deployed: Limit physical access to routers to authorized personnel. Use encrypted access, such as SSH, to communicate with routers. If there's a reason to use unencrypted access, such as Telnet, limit the access to specific trusted hosts. If possible, authentication should be based on a one-time password scheme. Have a generic login prompt with no information pertaining to system type or ...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

Columns in this issue

  • The security improvements of Microsoft ISA Server 2004

    by  Victor R. Garza

    In an effort to bolster its security image, Microsoft is going to release its ISA Server 2004 later this year. Here you will learn about the security improvements of Microsoft ISA Server 2004.