Introduction to Network Security

Router(config-line)# password Dots-4-georg3

Provide basic protection for the line passwords by using the following global configuration command.

Router(config)# service password-encryption

TCP/IP Filters

Carefully consider which TCP/IP services will be allowed through and to the perimeter routers and firewalls (inbound and outbound). Use the following guideline for creating filters: those services that are not explicitly permitted are prohibited. The following tables present common services to restrict because they can be used to gather information about the protected network or they have weaknesses that can be exploited against the protected network.

- Table 1 lists those TCP or UDP servers that should be completely blocked at the perimeter router or firewall. These services should not be allowed across the router or the firewall in either direction. Also, they should not be allowed to the router or the firewall.
- Table 2 lists those TCP or UDP servers on the protected network, on the router or on the firewall that should not be accessible by external clients.
- Table 3 lists the common TCP or UDP servers on the protected network, on the router or on the firewall that may need some access by internal or external clients and servers. Many of these services can be filtered to the few authorized computers (e.g., ftp server, mail server, domain name server, web server) on the protected network or on the DMZ
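
The guideline above (anything not explicitly permitted is prohibited, with services limited to the few authorized servers) can be expressed as an inbound extended access list on the perimeter router. This is an added example, not configuration from the original page: the ACL name, the interface, and all addresses (taken from the 192.0.2.0/24 documentation range) are assumptions, and it covers only web, mail and name service.

```cisco
! Added example. ACL name, interface and addresses are assumed values;
! 192.0.2.0/24 is a documentation range standing in for the DMZ.
ip access-list extended PERIMETER-IN
 remark Web server: HTTP and HTTPS only
 permit tcp any host 192.0.2.10 eq www
 permit tcp any host 192.0.2.10 eq 443
 remark Mail server: SMTP only
 permit tcp any host 192.0.2.25 eq smtp
 remark Name server: queries from external clients
 permit udp any host 192.0.2.53 eq domain
 permit tcp any host 192.0.2.53 eq domain
 remark Replies to lookups the name server itself sent out.
 remark This match is stateless: it trusts the source port alone,
 remark so prefer stateful inspection where the platform offers it.
 permit udp any eq domain host 192.0.2.53
 remark Return packets of TCP sessions opened from the inside
 permit tcp any 192.0.2.0 0.0.0.255 established
 remark Everything not permitted above is prohibited; log it for review
 deny ip any any log
!
interface Serial0/0
 ip access-group PERIMETER-IN in
```

An extended access list already ends with an implicit deny; writing the final deny explicitly with the log keyword makes the policy visible in the configuration and produces log entries and match counters for dropped traffic.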