4.6. Limit Access to Routers
Protecting routers from being corrupted by remote attacks is important, but a more basic control overlooked by many network administrators is restricting who can access their routers. Many networks have fewer than five routers in place. In smaller networks a full-blown authentication system, like TACACS and RADIUS (covered in Chapter 6), is probably overblown. However, even in smaller networks, access to the router should be limited, both in terms of securing it against external unauthorized access and restricting personnel within your organization who have access.
An attacker who gains access to the network and is able to sniff, or guess, the router password can easily take the network offline, and may be able to ...
Get The Practice of Network Security: Deployment Strategies for Production Environments now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.