index_46
Router Security Configuration Guide
UNCLASSIFIED
46
UNCLASSIFIED
Version 1.0g
4.1. Router Access Security
This section discusses the various mechanisms used to protect the router itself. These
include physical access, user account protection, software protection, remote
administration concerns, and configuration issues. When thinking about the security
of your network it is important to consider these issues for all your systems, where
applicable, as well as to the routers.
4.1.1. Physical Security
Once an individual has physical access to a piece of networking equipment there is
no way to stop them from modifying the system. This problem is not only confined
to network devices but is also true of computers and any other electrical or
mechanical device. It is always a matter of time and effort. There are things that can
be done to make this more difficult, but a knowledgeable attacker with access can
never be completely defeated, only slowed down. One of the best additions to the
security features of a computer network is to limit access. Network infrastructure
components, like routers, are especially important because they are often used to
protect segments of the network and can also be used for launching attacks against
other network segments.
Network equipment, especially routers and switches, should be located in a limited
access area. If possible, this area should only be accessible by personnel with
administrative responsibilities for the router. This area should be under some sort of
supervision 24 hours a day and 7 days a week. This can be accomplished through the
use of guards, system personnel, or electronic monitoring. In practice, physical
security mechanisms and policies must not make access too difficult for authorized
personnel, or they may find ways to circumvent the physical security precautions.
If remote administration is used to configure and control routers, then consider ways
of protecting the machines used for remote administration, and the networks they use
to communicate with the router. Use access lists to limit remote administration
access to hosts that enjoy reasonable physical security.
To illustrate one reason why physical security is critical to overall router security,
consider the password recovery procedure for Cisco routers. This procedure is able
to acquire full privileged (enable) access to a Cisco router without using a password.
The details of the procedure varies between router models, but always includes the
following basic steps. An administrator (or an attacker) can simply connect a
terminal or computer to the console port and
Step 1 Configure the router to boot up without reading the
configuration memory (NVRAM). This is sometimes called
the test system mode.
Step 2 Reboot the system.
Step 3 Access enable mode (which can be done without a password
if you are in test system mode).