If there is no hostname or
domain name in the
current con?¬?guration, you
will be prompted to enter
one here.
Locking Down Routers with AutoSecure 81
Configuring interface specific AutoSecure
services
Disabling the following ip services on all
interfaces:
no ip redirects
no ip proxy-arp
no ip unreachables
no ip directed-broadcast
no ip mask-reply
Disabling mop on Ethernet interfaces
AutoSecure will
automatically disable
these services on all router
interfaces.
Securing Forwarding plane services??¦
Enabling CEF (This might impact the memory
requirements for your platform)
Enabling unicast rpf on all interfaces
connected to internet
AutoSecure will secure the
forwarding plane.
Enables CEF (or dCEF if
supported) )
Enables unicast RPF (if
supported)
You are asked to enable
the CBAC Firewall feature
here if it is supported on
the router.
This is the configuration generated:
no service finger
no service pad
no service udp-small-servers
no service tcp-small-servers
service password-encryption
service tcp-keepalives-in
service tcp-keepalives-out
.
.
.
.
end
A summary is then listed
for you to review.
82 Optional AutoSecure Parameters
Optional AutoSecure Parameters
Apply this configuration to running-config?
[yes]: y
Applying the config generated to runningconfig
The name for the keys will be:
2821.
Pages:
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81