CiscoCatOS基本安全配置详解

发表于:2007-06-23来源:作者:点击数: 标签:
set cdp disable //禁用cdp set ip http disable //禁用http server,这玩意儿的 安全 漏洞很多的 ! set logging timestamp enable //启用log时间戳 set logging server 192.168.0.1 //向192.168.0.1发送log set logging server 192.168.0.2 //向192.168.0.2

   
  set cdp disable //禁用cdp
  set ip http disable    //禁用http server,这玩意儿的安全漏洞很多的
  !
  set logging timestamp enable //启用log时间戳

  set logging server 192.168.0.1 //向192.168.0.1发送log
  set logging server 192.168.0.2 //向192.168.0.2发送log
  set snmp community HSDxdf //配置snmp只读通讯字
  set ip permit enable snmp //启用snmp访问控制
  set ip permit 192.168.0.1 snmp  //允许192.168.0.1进行snmp访问
  set ip permit enable telnet //启用telnet访问控制
  set ip permit 192.168.0.1 telnet  //允许192.168.0.1进行telnet访问
  set password //配置telnet密码
  set enable     //配置特权密码
  set logout 2    //配置超时参数,2分钟
  set banner motd       //配置提示信息
  This is a private system operated for UltraTeam.
  Authorization from UltraTeam is required to use this system
  Use by unauthorized persons is prohibited
  
  !
  set timezone PST-8 //设置时区
  set ntp authenticate enable       //启用NTP认证
  set ntp key 1 md5 uadsf //设置NTP认证用的密码,使用MD5加密。需要和ntp server一致
  set ntp server 192.168.0.1 key 1 //配置ntp server,server为192.168.0.1,使用1号key做为密码 
  set ntp client enable //启用ntp client

原文转自:http://www.ltesting.net