Security Basics mailing list archives
RE: CISCO Catalyst
From: "Aaron T. Rohyans" <arohyans () idc-usa com>
Date: Wed, 23 Jan 2008 11:05:42 -0500
To create a user: Router> enable Router# conf t Router(config)# username MYUSER password MYPASSWORD (optionally specify privilege level) To log commands issued, you need a TACACS+ or RADIUS server and need to enable aaa accounting: Router(config)# aaa new-model Router(config)# aaa accounting commands 0 MYACCTLIST Router(config)# aaa accounting commands 15 MYACCTLIST Router(config)# aaa accounting exec MYACCTLIST Router(config)# aaa accounting config-commands MYACCTLIST (you may not have this option) Router(config)# line vty 0 15 Router(config)# accounting commands 0 MYACCTLIST Router(config)# accounting commands 15 MYACCTLIST Router(config)# accounting exec MYACCTLIST Router(config)# accounting config-commands MYACCTLIST Router(config)# radius-server host 123.123.123.123 key RADIUSPASSWORD To specify password options: Router(config)# security authentication failure rate 3 Router(config)# security password min-length 8 Keep in mind, based on your IOS level, you may or may not have the same commands/syntax that I do. Just issue a '?' if you get stuck and use the context-sensitive help. Hope this helps! Aaron T. Rohyans IT Coordinator IDC-USA arohyans () idc-usa com -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of pepsdiaz () gmail com Sent: Wednesday, January 23, 2008 4:27 AM To: security-basics () securityfocus com Subject: CISCO Catalyst Dear all, I need to audit a CISCO Catalyst 6509 and 2950. I would like to know, if you can set up several users in order log their activities on it and how to do that. Besides, I would like to know if you can set up password protection measures like: - Change password periodically. - Lenght of password - Historical of password Can you set up more than one user role or just the administrator? Thanks in advance to everybody. ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________
Current thread:
- CISCO Catalyst pepsdiaz (Jan 23)
- RE: CISCO Catalyst Worrell, Brian (Jan 23)
- Re: CISCO Catalyst Leif Hardison (Jan 23)
- Re: CISCO Catalyst Andrea Gatta (Jan 23)
- RE: CISCO Catalyst Erik Soosalu (Jan 23)
- Re: CISCO Catalyst Gou, S.TOKIDA (Jan 23)
- Re: CISCO Catalyst a42n8k9 dejazzd.com (Jan 23)
- RE: CISCO Catalyst Aaron T. Rohyans (Jan 23)
- R: CISCO Catalyst Vega - Brunello Ivan (Jan 23)
- RE: CISCO Catalyst Worrell, Brian (Jan 23)
- Re: R: CISCO Catalyst Jens Link (Jan 23)
- RE: R: CISCO Catalyst Erik Soosalu (Jan 23)
- Re: CISCO Catalyst brian . bevers (Jan 23)
- RE: CISCO Catalyst Worrell, Brian (Jan 23)