A few newbie questions

miloann2002
Level 1

I have a few questions as follows:

1. I am planning to use SSH instead of telnet or PDM for security reasons. Would this make sense? Is there anything I would miss by not using telnet?

2. In IOS v12, do we still need to specify 'no service tcp-small-servers' and 'no service udp-small-servers'? Is this a default function? Or do I still have to include the line?

3. In the PIX config, are the following very critical to security?

'no http server enable';

'clear dhcpd' ;

'sysopt security fragguard', 'fragment chain 1 outside';

'ip verify reverse-path interface xxxx';

4. How is Cisco IDS 2410? Any reported vulnerabilities? It occurred to me that this device cannot block any packets that meet the signature patterns. Is this a config issue or a fault of the box? On the Cisco website, it is marked as a discontinued support item.

5. Is DHCP not a good choice for security reasons? How vulnerable would it be to DoS?

I am new to this field and any comments are appreciated. Thanks.

1 Reply

nkhawaja
Cisco Employee

1. No, you are not missing anything. Telnet/SSH/PDM are all ways to configure/access

2. By default, TCP/UDP small servers are enabled. You need to disable them.

3. Not necessarily. HTTP is enabled for PDM access.

4. 4210 is replaced with 4215. But they both have been OK. There was no vulnerability that is not fixed.

5. DHCP has nothing to do with security. All devices like routers/firewalls are capable of running a DHCP server.

Thanks

Nadeem
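An added example, not part of the original thread and not Cisco tooling: a small Python audit that reads a saved IOS or PIX configuration and reports whether each command quoted in the question is explicitly set, explicitly negated, or absent (in which case the platform default applies and is not assumed here). The sample configurations are constructed, and the "wanted" states are an assumption taken from how the poster wrote the lines.

```python
import re

# Wanted state per command, taken from the lines as quoted in the question
# (assumption about the poster's intent, not a vendor baseline).
IOS_CHECKS = {"service tcp-small-servers": "negated",
              "service udp-small-servers": "negated"}
PIX_CHECKS = {"http server enable": "negated",
              "sysopt security fragguard": "set",
              "fragment chain 1 outside": "set",
              "ip verify reverse-path interface": "set"}

def command_state(config_text, base):
    """Return 'set', 'negated' or 'absent' for one command in a saved config."""
    words = r"\s+".join(re.escape(w) for w in base.split())
    pattern = re.compile(r"^(no\s+)?" + words + r"(\s|$)", re.IGNORECASE)
    state = "absent"
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "!:":      # IOS '!' and PIX ':' comment lines
            continue
        match = pattern.match(line)
        if match:                            # last occurrence in the file wins
            state = "negated" if match.group(1) else "set"
    return state

def audit(config_text, checks):
    """Map each command to (state, verdict)."""
    report = {}
    for base, wanted in checks.items():
        state = command_state(config_text, base)
        if state == "absent":
            verdict = "default applies, verify on the device"
        else:
            verdict = "ok" if state == wanted else "review"
        report[base] = (state, verdict)
    return report

# Constructed sample configurations (not from the thread).
SAMPLE_IOS = "! constructed sample\nno service tcp-small-servers\nservice udp-small-servers\n"
SAMPLE_PIX = (": constructed sample\nhttp server enable\n"
              "http 192.168.1.0 255.255.255.0 inside\n"
              "sysopt security fragguard\n"
              "ip verify reverse-path interface outside\n")

if __name__ == "__main__":
    for name, text, checks in (("IOS", SAMPLE_IOS, IOS_CHECKS), ("PIX", SAMPLE_PIX, PIX_CHECKS)):
        for base, (state, verdict) in audit(text, checks).items():
            print(f"{name}: {base:35s} {state:8s} {verdict}")
```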