Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1182
Views
0
Helpful
4
Replies

Commands on Router but not in Baseline

andylee1892
Level 1
Level 1

‎10-16-2012 03:19 AM

Hi All,

Just a general question really; I have attempted to Google it & look through these forums but coun't see anything - not sure if its my poor wording of the search term??

I have created a baseline template to run compliancy checks, I understand that lines beginning with a + are mandatory and lines begining with a - should not be on the router.  What I need to know is, is there a catch all for any other commands on the router config (startup or running) but not mentioned in the baseline? 

For example, lets say this is my baseline:

+   service   timestamps   debug   datetime   msec

+   service   timestamps   log   datetime   msec

+   service   password-encryption

+   hostname  [hostname]

The router comes back as compliant as it has all the above lines.  However there is obviously more config on the router, but this doesn't show?  So I know I can get commands that are in the baseline but not on the router; but what about the other way round - on the router but not on the baseline?  Surely this exists - at the least from a security point of view, an attacker could well have configured the Dot11Radio int, however without entering the command with the minus prefix I can't tell? 

I'm on LMS 2.6 by the way - I know, blast from the past

Thanks

Andy

Labels:
0 Helpful
4 Replies 4

andylee1892
Level 1
Level 1

‎10-17-2012 02:16 AM

I've had a good look through CiscWorks; and feel that I am surely missing something obvious - but I just can't see the wood for the trees.  I am guessing I need something similar to:

+ All

+ Baseline

+ Config

+ First

+ Then

- No other config

I have read through the user guide for this - namely chapter 8 which deals with Baseline Templates, however just can't see it?  Am I even looking in the right place?

0 Helpful

andylee1892
Level 1
Level 1

‎10-19-2012 07:56 AM

Sorry to bump this, but has no one ever come across this before?  Is it as simple as being a limitation of Cisco Works - i.e. you can see what part of the baseline is on the router, but you can't see the remaining config on the router??

0 Helpful

andylee1892
Level 1
Level 1

‎10-26-2012 07:18 AM

Sorry to bump this but has nobody every encountered this before? 

0 Helpful

andylee1892
Level 1
Level 1

‎11-14-2012 03:47 AM

Ok, I still haven't figured this out - so just a final bump

Any suggestions at all are more than welcome

0 Helpful
Customers Also Viewed These Support Documents