Discovering computer networks: hands on in the Open Networking Lab

15.4 Summary of Session 15

In this session you’ve seen a variety of ways in which security for a router can be improved.

You have seen that enterprise routers allow a network engineer to connect in two ways: with a direct connection to a special console port, or over the network. Passwords can be set to control access to both of these. When a remote connection is made over the internet, a secure communication protocol such as SSH should be used to prevent an eavesdropper from reading passwords.

A message can be configured to warn that only authorised users can connect. Separate passwords can be applied to protect access to the console port and to network access through virtual teletypes.

The command-line interface on Cisco routers can be password protected, requiring the user to enter the correct password to enter further configuration commands. This applies whichever method is used to connect to the router.

You have also seen that security is difficult to get right. Possible weaknesses are storing passwords as plain text in configuration files, or using unencrypted Telnet for remote access. A network engineer should be alert to problems such as these and know ways to avoid them – for example, by adding encryption to passwords and by requiring SSH instead of Telnet for remote access.

Commands

In this session you have used the following commands.

Table _unit9.1.1
| Command | Mode | Command prompt | Purpose |
| --- | --- | --- | --- |
| `enable secret <password>` | Global configuration | Router(config) | To set a password for privileged execution mode |
| `banner motd <sep><banner><sep>` | Global configuration | Router(config) | To set a message of the day |
| `service password-encryption` | Global configuration | Router(config) | To encrypt passwords stored in the running configuration |
| `username <name> secret <password>` | Global configuration | Router(config) | To create a user account |
| `line console 0` | Global configuration | Router(config) | To configure the console connection |
| `password <password>` | Line configuration | Router(config-line) | To set a password for the console connection |
| `login` | Line configuration | Router(config-line) | To require login with a password to the console connection |
| `line vty 0 <max>` | Global configuration | Router(config) | To configure a set of virtual teletype lines |
| `login local` | Line configuration | Router(config-line) | To require login with a user account name and password |
| `transport input ssh` | Line configuration | Router(config-line) | To only accept SSH connections |
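
The following Python check is an added example, not part of the course material: it scans a router configuration for the weaknesses named in this session, using the commands from the table above. Both sample configurations, their passwords and the finding strings are constructed for illustration, and a vty line without `transport input ssh` is assumed to be open to Telnet.

```python
# Constructed sample (not from the course): a deliberately weak configuration.
WEAK = """\
enable password cisco
username admin password letmein
line console 0
 password conpass
line vty 0 4
 password vtypass
 login
 transport input telnet
"""

# Constructed sample built only from the commands in the table above.
HARDENED = """\
service password-encryption
enable secret example-enable
banner motd #Authorised users only#
username admin secret example-admin
line console 0
 password example-console
 login
line vty 0 4
 login local
 transport input ssh
"""

def audit(config):
    """Return a sorted list of findings for an IOS-style configuration text."""
    top, blocks, block = [], {}, None
    for raw in filter(str.strip, config.splitlines()):
        cmd = raw.strip()
        if raw[0].isspace() and block is not None:  # sub-command of the open line block
            block.append(cmd)
            continue
        top.append(cmd)
        block = blocks.setdefault(cmd, []) if cmd.startswith("line ") else None
    found = set()
    for required in ("service password-encryption", "enable secret", "banner motd"):
        if not any(c.startswith(required) for c in top):
            found.add(f"missing: {required}")
    if any(c.startswith("username ") and " secret " not in c for c in top):
        found.add("user account without secret")
    for name, cmds in blocks.items():
        has_pw = any(c.startswith("password ") for c in cmds)
        if "login local" not in cmds and not ("login" in cmds and has_pw):
            found.add(f"{name}: login not enforced")
        if name.startswith("line vty") and "transport input ssh" not in cmds:
            found.add(f"{name}: not restricted to SSH")  # assumption: Telnet may be accepted
    return sorted(found)
```

Calling `audit(WEAK)` returns six findings, including the console line whose password is never requested because `login` is missing; `audit(HARDENED)` returns an empty list.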

New terms

In this session you have met the following terms.

Table _unit9.1.2

| Term | Definition |
| --- | --- |
| Telnet | A protocol used for unencrypted remote terminal connections. |
| Secure Shell (SSH) | A protocol used for encrypted remote terminal connections. |