[c-nsp] disable console port

Matt Hill Matt.Hill at aapt.com.au
Thu Jun 30 21:52:06 EDT 2005 

One valid reason I can think of is to protect ISAKMP keys or passwords
or the like.  However I do agree if your physical security isn't up to
scratch then not much else matters...

But to stop password recovery the config is:

No service password-recovery

What this will do is when someone attempts a password recovery they will
not be able and all they can do is restore the router to a default
config rather than just bypassing the startup config.  This will protect
the config on the box but isn't going to stop someone running away with
it!

Cheers,
Matt

-- 
Matt Hill
DPS - Internet Engineering
Alcatel Australia Pty Ltd
180-188 Burnley St
Richmond, Vic, AU 3121
e: matt.hill at aapt.com.au
v: +61 3 8687 5739
f: +61 3 8414 3115
m: ask and you may receive


-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Wojtek Zlobicki
Sent: Friday, 1 July 2005 11:39 AM
To: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] disable console port

If someone is sitting in front of your router, all security is
useless,  I can take your router with me if I want at that point, why
enable security at this point.

On 6/29/05, Adell Shahini <ciscosystems.ccie at gmail.com> wrote:
> In the name of God
> Hi Dear
> Any one know how I can disable console port on a router ?
> I need to disable PASSWORD RECOVERY .
> 
> Best Regards .
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 


-- 
----------------------------------------
wojtek.zlobicki at gmail.com

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


This communication, including any attachments, is confidential. If 
 you are not the intended recipient, you should not read it - please 
 contact me immediately, destroy it, and do not copy or use any part of 
 this communication or disclose anything about it.

More information about the cisco-nsp mailing list