Cisco Command "Auto secure"
In today's article, I'm going to quickly inform you about the Privileged EXEC command named "auto secure".
Network administrators (like you) use the "auto secure" command to secure the management and forwarding planes of a router.
Another way of saying it is, CCNAs use this command to secure a router by disabling common IP services which can be exploited by attackers to initiate network attacks. When the command is typed on a router, it takes the user (ccna) through a command line-interface (CLI) semi-interactive session (which is also known as the AutoSecure dialogue).
Below is the command's syntax:
auto secure [management | forwarding] [no-interact | full] [ntp | login | ssh | firewall | tcp-intercept]
As you can see, the command can use several "optional" keywords:
management - This (optional) keyword is used to only secure the management plane of a router.
forwarding - This (optional) keyword is used to only secure the forwarding plane of a router.
no-interact - A CCNA uses this (optional) keyword if he or she doesn't want to be prompted for any interactive configurations. (If this optional keyword is not used, the user will be shown the noninteractive configuration and the interactive configurations)
full - This (optional) keyword is used to indicate that the user (ccna) wants to be prompted for all interactive questions. (If this optional keyword is not used, the router will behave this way by default)
ntp - This optional keyword is used to specify the configuration of the Network Time Protocol (NTP) feature in the AutoSecure command line-interface (CLI).
login - This (optional) keyword is used to specify the configuration of the Login feature in the AutoSecure CLI.
ssh - This (optional) keyword is used to specify the configuration of the Secure Shell (SSH) feature in the AutoSecure CLI.
firewall - This (optional) keyword is used to specify the configuration of the firewall feature in the AutoSecure CLI.
tcp-intercept - And, this (optional) keyword is used to specify the configuration of the TCP-Intercept feature in the AutoSecure CLI.
Below is an example of the command being used:
Router>enable
Router#auto secure
--- AutoSecure Configuration ---
*** AutoSecure configuration enhances the security of the router, but it will not make it absolutely resistant to all security attacks ***
AutoSecure will modify the configuration of your device. All configuration changes will be shown. For a detailed explanation of how the configuration changes enhance security and any possible side effects, please refer to Cisco.com for Autosecure documentation. At any prompt you may enter '?' for help. Use ctrl-c to abort this session at any prompt.
As you can see, once the command is typed into the router, the user (ccna) is informed about the CLI semi-interactive session.
By Charles E Ross
This is really an interesting blog as it focuses on the very important topic. i came to know about so many things or tips.Nissan dealers Canada
ReplyDelete