Index – 9
trusted ports, disabled … 11-6
DHCP snooping, none …1-9
DSA keysize, 1024 bits …8-12
dynamic arp protection, none …1-9
dynamic IP lockdown, none …1-9
dyn-autz-port 3799 … 6-18
factory reset, enabled …2-27
front panel security … 2-1, 2-27
ICMP rate-liming, none …1-9
instrumentation monitor
SNMP traps, disabled … 11-35
thresholds and parameters … 11-35
instrumentation monitor, disabled …11-35
key management system, none …1-9
MAC authentication, disabled …1-6
MAC lockdown and lockout, none …1-8
manager password, no password …1-3
multicast filters, none … 12-2
passwords
clear password, enabled …2-27
password recovery, enabled … 2-28, 2-33
password-clear, enabled …2-29
reset-on-clear, disabled …2-27
username and passwords, none …2-1
port security, none …1-8
port security, off or ’continuous’ … 14-2
protocol filters, none … 12-2
RADIUS
accounting, none …6-1
authentication, none …6-1
authorization, none …6-1
global parameters … 6-8
radius-server dead-time, 0 minutes …6-18
radius-server retransmit, 3 seconds …6-19
radius-server timeout, 3 seconds …6-19
server key, null …6-8
RADIUS authentication, disabled …1-6
RSA keysize, 2048 bits …8-12
secure management vlan, disabled …1
-5
security
access security and authentication … 1-3
network security … 1-7
SNMP access … 1-14
SNMP access to the security MIB, open …6-30
SNMP, public, unrestricted …1-5
source-port filters, none … 12-2
spanning tree
bpdu filtering, none …1-9
bpdu protection, none …1-9
SSH, disabled … 1-4, 8-1
SSL, disabled … 1-5, 9-1
TACACS+
authentication configuration … 5-8
authentication, disabled …1-5, 5-1
login attempts, 3 …5-5
tacacs-server-timeout, 5 seconds …5-23
TCP port number for SSH connections,
22 …8-18
TCP port number for SSL connections,
443 …9-14
Telnet access, enabled …1-4
time-window, 300 seconds … 6-16
traffic filters, none … 12-2
traffic/security filters, none …1-7
UDP destination port for accounting,
1813 …6-5
UDP destination port for authentication,
1812 …6-5
usb autorun, disabled(if password) … 1-7
usb autorun, enabled (if no password) … 1-7
user authentication, disabled …8-1
virus throttling … 3-1
virus throttling, none …1-9
Web and MAC authentication … 4-1–4-53
Web authentication, disabled …1-6
Web-browser access, enabled …1-4
defualt settings
dyn-authorization, disabled … 6-15
denial-of-service
avoid attacks using DHCP snooping … 11-3
monitoring system resources … 11-33
DES …9-2
DHCP Option 82
IP-to-MAC binding database … 11-19, 11-27
DHCP protection
See DHCP snooping.
DHCP snooping … 11-2
authorized server … 11-4
binding database … 11-11
changing remote-id … 11-10
configuring authorized server address … 11-7
database … 11-4
denial-of-service attack … 11-3
DHCPACK … 11-3
DHCPDECLINE … 11-3
DHCPNACK … 11-3
To Next Page
Loading...
Need help?
General
