Ok, now I'll try to post related to network security. because I think it's the network security is very important in the world of global telecommunications and therefore now we will discuss a bit about network security.
CCNA certification is important, and so is securing our network's Cisco
routers! To reflect the importance of network security, your CCNA
certification exam is likely going to contain a few questions about the
various passwords you can set on a Cisco router. Let's take a look at
some of those passwords and when to apply them.
If the previous user has logged out of the router properly, you will see
a prompt like this when you sit down at the router console:
R1 con0 is now available
Press RETURN to get started.
R1>
To get into enable mode, by default all I have to do is type "enable".
R1>enable
R1#
See how the prompt changed? By default, I can now run all the show and
debug commands I want, not to mention entering global configuration mode
and doing pretty much what I want. It just might be a good idea to
password protect this mode! We do so with either the enable password
command or the enable secret command. Let's use the enable password
command first.
R1(config)#enable password dolphins
Now when I log out and then go back to enable mode - or try to - I
should be prompted for the password "dolphins". Let's see what happens.
R1>enable
Password:
R1#
I was indeed prompted for a password. Cisco routers will not show
asterisks or any other character when you enter a password; in fact, the
cursor doesn't even move.
The problem with the enable password command is that the password will
show in the configuration in clear text, making it easy for someone to
look over your shoulder and note the password for future use, as shown
below:
hostname R1
!
enable password dolphins
We could use the "service password-encryption" command to encrypt the
enable password, but that will also encrypt all the other passwords in
the Cisco router config. That's not necessarily a bad thing! Here's the
effect of this command on the enable password we set earlier.
enable password 7 110D1609071A020217
Pretty effective encryption! However, if we want to have the enable
password automatically encrypted, we can use the enable secret command.
I'll use that command here to set this password to "saints", and note
that I'm not removing the previous enable password.
R1(config)#enable secret saints
After removing the "service password-encryption" command, we're left
with two enable mode passwords, and they appear in the Cisco router
config like this:
enable password dolphins
enable secret 5 $1$kJB6$fPuVebg7uMnoj5KV4GUKI/
If we have two enable passwords, which one should we use to log into the
router? Let's try the first password, "dolphins", first:
R1>enable
Password:
Password:
When you're prompted for the password a second time, you know you got it wrong the first time! Let's try "saints":
R1>enable
Password:
Password:
R1#
When both the enable secret and enable password commands are in use on a
Cisco router, the enable secret password always takes precedence.
"dolphins" didn't get us in, but "saints" did. That's valuable
information for both the CCNA certification exam and real-world
networks, because there's no worse feeling than typing a password at a
Cisco router prompt and then getting another password prompt!
This is just one way to perform basic Cisco router security with
passwords. We'll take a look at other methods in a future CCNA
certification exam training tutorial!
ok, maybe much for all that I can give sorry if there is a shortage, may be useful.!
Thank`s for attentions.
ozcorp tea.
Be yourself, be thankful, be balanced, be adaptable..