Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1551
Views
0
Helpful
0
Replies

Minimum Security Baseline Show command script?

adamr1
Level 1
Level 1

‎10-07-2019 12:51 PM - edited ‎02-21-2020 11:10 AM

I have a list of Cisco configurations (see picture of excel sheet) to check whether they're enabled or disabled or set to my companies security standard.

 

I have been trying to compile a show command "script" to run on any device in the company at any point and see whether it meets the minimum security baseline or not.

 

Is this the best way to verify this? Essentially it is for audit purposes to quickly see if the running config meets the criteria specified in the list. If anyone has any better methods I'd love to hear of them. 

 

Devices are mixed between nexus and ios & both routers and switches will need to be checked. Many various models of them all as well.

 

msb reqs.png

 

Example: 

show run | i aaa auth
!
show run | i service password
!
show run | i secret
!
show run | i username
!
show run | i timeout
!
show run | i ip directed
!
show run | i source-route
!
show run | i snmp-server community
!
show run | i ip http se
!
show run | i ip bootp
!
show run | i ip identd
!

 

Labels:
0 Helpful
0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents