HostedDB - Dedicated UNIX Servers

index_115
UNCLASSIFIED Implementing Security on Cisco Routers  Version 1.0g  UNCLASSIFIED 115   the scope of this guide; the description below shows how to set up authentication for an Cisco router so that it can use a designated NTP server that uses authentication. South# config t Enter configuration commands, one per line.  End with CNTL/Z. South(config)# ntp authenticate South(config)# ntp authentication-key 1 md5 router South(config)# ntp trusted-key 1 South(config)# ntp server 14.2.9.250 key 1 source ethernet 0/0 South(config)# exit Configuration Sample The configuration command listing below shows the configuration commands for a router with console logging, buffered logging, syslog logging, and authenticated network time synchronization.  The host receiving the log messages is 14.2.9.6, and the time server is 14.2.9.250.  This sample is formatted as it would appear in a configuration text file stored on a host for download to the router South. ! turn on timestamps for log entries service timestamps log datetime msec localtime show-timezone                     ! setting logging levels and syslog parameters logging console notifications logging monitor debug logging buffered 16000 informational logging facility local6 logging source-interface Ethernet 0/1 logging 14.2.9.6 logging on ! a tiny access list to permit access only for Central   access-list 21 permit 14.2.9.250 access-list 21 deny  any ! designate Central as our sole NTP server with authentication ntp authentication-key 1 md5 071D2E595A0C0B 7 ntp authenticate ntp trusted-key 1 ntp clock-period 17180154 ntp access-group peer 21 ntp server 14.2.9.250 key 1 source Ethernet0/0 4.5.3.    Security for the Simple Network Management Protocol (SNMP) Overview The Simple Network Management Protocol  (SNMP) supports a connection between two entities that communicate with each other: the manager and the managed entity, the agent. In the case of Cisco routers, the router is always the agent. A software application on a PC or workstation normally acts as the manager. A good source for a