Router Security Issue

The Role of Routers in Network Security
You know that you can build a LAN by connecting devices with basic Layer 2 LAN switches. You can then use a router to route traffic between different networks based on Layer 3 IP addresses.
Router security is a critical element in any security deployment. Routers are definite targets for network attackers. If an attacker can compromise and access a router, it can potentially aid their attack. Knowing the roles that routers fulfill in the network helps you understand their vulnerabilities.
Routers fulfill the following roles:
Advertise networks and filter who can use them.
Provide access to network segments and subnetworks.
Routers are Targets
Because routers provide gateways to other networks, they are obvious targets, and are subject to a variety of attacks. Here are some examples of various security problems:
Compromising the access control can expose network configuration details, thereby facilitating attacks against other network components.
Compromising the route tables can reduce performance, deny network communication services, and expose sensitive data.
Misconfiguring a router traffic filter can expose internal network components to scans and attacks, making it easier for attackers to avoid detection.

Attackers can compromise routers in different ways, so there is no single approach that network administrators can use to combat them. The ways that routers are compromised are similar to the types of attacks you learned about earlier in this chapter, including trust exploitation attacks, IP spoofing, session hijacking, and MITM attacks.

Note: This section focuses on securing routers. Most of the best practices discussed can also be used to secure switches. However, this section does not cover Layer 2 threats, such as MAC address flooding attacks and STP attacks, because these are covered in CCNA Exploration: LAN Switching and Wireless.

Securing Your Network
Securing routers at the network perimeter is an important first step in securing the network.
Think about router security in terms of these categories:
Physical security
Update the router IOS whenever advisable
Back up the router configuration and IOS
Harden the router to eliminate the potential abuse of unused ports and services

To provide physical security, locate the router in a locked room that is accessible only to authorized personnel. It should also be free of any electrostatic or magnetic interference, and have controls for temperature and humidity. To reduce the possibility of DoS due to a power failure, install an uninterruptible power supply (UPS) and keep spare components available.

Physical devices used to connect to the router should be stored in a locked facility, or they should remain in the possession of a trustworthy individual so that they are not compromised. A device that is left in the open could have Trojans or some other sort of executable file stored on it.

Provision the router with the maximum amount of memory possible. Availability of memory can help protect against some DoS attacks, while supporting the widest range of security services.

The security features in an operating system evolve over time. However, the latest version of an operating system may not be the most stable version available. To get the best security performance from your operating system, use the latest stable release that meets the feature requirements of your network.

Always have a backup copy of a configuration and IOS on hand in case a router fails. Keep a secure copy of the router operating system image and router configuration file on a TFTP server for backup purposes.

Harden the router to make it as secure as possible. A router has many services enabled by default. Many of these services are unnecessary and may be used by an attacker for information gathering or exploitation. You should harden your router configuration by disabling unnecessary services.
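
The hardening step above, as an added example that is not part of the original page or of Cisco's material: a Python audit of a saved running-config for services left enabled. The service names are real IOS global commands, but which ones are treated as on by default is an assumption here, since defaults differ between IOS releases; the sample config is constructed.

```python
# Added example: audit a saved IOS running-config for unnecessary services.
# The service lists are assumptions; defaults differ between IOS releases.

# Assumed on by default: the config must contain the explicit "no" form,
# because a default-on service does not appear in the running-config at all.
DEFAULT_ON = ["cdp run", "ip source-route", "ip bootp server", "service pad"]
# Assumed off by default: a finding only if the enabling line is present.
DEFAULT_OFF = ["service tcp-small-servers", "service udp-small-servers",
               "service finger", "ip http server"]

# Constructed sample input, not taken from a real device.
SAMPLE_CONFIG = """\
hostname R1
!
service tcp-small-servers
no service pad
no ip source-route
ip http server
no cdp run
!
interface FastEthernet0/0
 ip address 192.0.2.1 255.255.255.0
 cdp enable
end
"""

def global_lines(config):
    """Return global-mode commands: non-indented, non-comment lines."""
    out = set()
    for line in config.splitlines():
        if line and not line[0].isspace() and not line.startswith("!"):
            out.add(" ".join(line.split()).lower())
    return out

def audit(config):
    """Return sorted (service, reason) findings for services left enabled."""
    lines = global_lines(config)
    findings = []
    for svc in DEFAULT_ON:
        if "no " + svc not in lines:
            findings.append((svc, "default-on, no explicit disable"))
    for svc in DEFAULT_OFF:
        if svc in lines and "no " + svc not in lines:
            findings.append((svc, "explicitly enabled"))
    return sorted(findings)

if __name__ == "__main__":
    for svc, reason in audit(SAMPLE_CONFIG):
        print(f"{svc}: {reason}")
```

The indented "cdp enable" under the interface is ignored on purpose: only global-mode lines decide whether a service is running router-wide.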

Before you configure security features on a router, you need a plan for all the Cisco IOS security configuration steps.

The figure shows the steps to safeguard a router. The first four steps are discussed in this chapter. Though access control lists (ACLs) are discussed in the next chapter, they are a critical technology and must be configured to control and filter network traffic.

