Skip to main content

Cisco Command "Auto secure"

Cisco Command "Auto secure"

In today's article, I'm going to quickly inform you about the Privileged EXEC command named "auto secure".

Network administrators (like you) use the "auto secure" command to secure the management and forwarding planes of a router.

Another way of saying it is, CCNAs use this command to secure a router by disabling common IP services which can be exploited by attackers to initiate network attacks. When the command is typed on a router, it takes the user (ccna) through a command line-interface (CLI) semi-interactive session (which is also known as the AutoSecure dialogue).

Below is the command's syntax:

auto secure [management | forwarding] [no-interact | full] [ntp | login | ssh | firewall | tcp-intercept]

As you can see, the command can use several "optional" keywords:

management - This (optional) keyword is used to only secure the management plane of a router.

forwarding - This (optional) keyword is used to only secure the forwarding plane of a router.

no-interact - A CCNA uses this (optional) keyword if he or she doesn't want to be prompted for any interactive configurations. (If this optional keyword is not used, the user will be shown the noninteractive configuration and the interactive configurations)

full - This (optional) keyword is used to indicate that the user (ccna) wants to be prompted for all interactive questions. (If this optional keyword is not used, the router will behave this way by default)

ntp - This optional keyword is used to specify the configuration of the Network Time Protocol (NTP) feature in the AutoSecure command line-interface (CLI).

login - This (optional) keyword is used to specify the configuration of the Login feature in the AutoSecure CLI.

ssh - This (optional) keyword is used to specify the configuration of the Secure Shell (SSH) feature in the AutoSecure CLI.

firewall - This (optional) keyword is used to specify the configuration of the firewall feature in the AutoSecure CLI.

tcp-intercept - And, this (optional) keyword is used to specify the configuration of the TCP-Intercept feature in the AutoSecure CLI.

Below is an example of the command being used:

Router>enable

Router#auto secure

--- AutoSecure Configuration ---

*** AutoSecure configuration enhances the security of the router, but it will not make it absolutely resistant to all security attacks ***

AutoSecure will modify the configuration of your device. All configuration changes will be shown. For a detailed explanation of how the configuration changes enhance security and any possible side effects, please refer to Cisco.com for Autosecure documentation. At any prompt you may enter '?' for help. Use ctrl-c to abort this session at any prompt.

As you can see, once the command is typed into the router, the user (ccna) is informed about the CLI semi-interactive session.

By Charles E Ross

Comments

  1. Nissan dealers Canada22 October 2011 at 01:41

    This is really an interesting blog as it focuses on the very important topic. i came to know about so many things or tips.Nissan dealers Canada

    ReplyDelete

Post a Comment

Popular posts from this blog

NetSurveyor :: 802.11 (WiFi) Network Discovery / Scanner Tool

NetSurveyor :: 802.11 (WiFi) Network Discovery / Scanner Tool http://www.performancewifi.net/performance-wifi/main/NetSurveyor.htm NetSurveyor is an 802.11 (WiFi) network discovery tool and, as such, its goal in life is to gather information about nearby wireless access points in real time and display it in a useful way. Similar in purpose to NetStumbler , it includes many more features. The data is displayed using a variety of different diagnostic views and charts. Data can be recorded for extended periods and played-back at a later date/time. Also, reports can be generated in Adobe PDF format. Applications for NetSurveyor include the following: During the installation of a wireless network, as an aid in verifying the network is properly configured and antennas are positioned at locations to achieve efficient transmission / reception -- that is, for use in verifying WiFi coverage and maximizing beacon signal strength Trouble-shooting an existing network or wireless environm...
Post a Comment
Read more

Handle Too-Long Command Lines with xargs

Handle Too-Long Command Lines with xargs xargs is one of those UNIX utilities that seems pretty useless when you first hear about it -- but turns into one of the handiest tools you can have. xargs reads a group of arguments from its standard input, then runs a UNIX command with that group of arguments. It keeps reading arguments and running the command until it runs out of arguments. The shell's backquotes do the same kind of thing, but they give all the arguments to the command at once. This can give you a Too many arguments error. Here are a couple of examples: If you want to print most of the files in a large directory, put the output of ls into a file. Edit the file to leave just the filenames you want printed. Give the file to xargs ' standard input: % ls > allfiles.tmp % vi allfiles.tmp % xargs lpr What did that do? With lines like these in allfiles.tmp : % cat allfiles.tmp afile application ... yoyotest zapme xargs ran one or more lpr commands, each wit...
Post a Comment
Read more