[c-nsp] disable console port
Matt Hill
Matt.Hill at aapt.com.au
Thu Jun 30 21:52:06 EDT 2005
One valid reason I can think of is to protect ISAKMP keys or passwords
or the like. However I do agree if your physical security isn't up to
scratch then not much else matters...
But to stop password recovery the config is:
No service password-recovery
What this will do is when someone attempts a password recovery they will
not be able and all they can do is restore the router to a default
config rather than just bypassing the startup config. This will protect
the config on the box but isn't going to stop someone running away with
it!
Cheers,
Matt
--
Matt Hill
DPS - Internet Engineering
Alcatel Australia Pty Ltd
180-188 Burnley St
Richmond, Vic, AU 3121
e: matt.hill at aapt.com.au
v: +61 3 8687 5739
f: +61 3 8414 3115
m: ask and you may receive
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Wojtek Zlobicki
Sent: Friday, 1 July 2005 11:39 AM
To: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] disable console port
If someone is sitting in front of your router, all security is
useless, I can take your router with me if I want at that point, why
enable security at this point.
On 6/29/05, Adell Shahini <ciscosystems.ccie at gmail.com> wrote:
> In the name of God
> Hi Dear
> Any one know how I can disable console port on a router ?
> I need to disable PASSWORD RECOVERY .
>
> Best Regards .
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
--
----------------------------------------
wojtek.zlobicki at gmail.com
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
This communication, including any attachments, is confidential. If
you are not the intended recipient, you should not read it - please
contact me immediately, destroy it, and do not copy or use any part of
this communication or disclose anything about it.
More information about the cisco-nsp
mailing list