What are some other security measures I could take on the line console 0 besides physical security and local login? Could I change the baud speed? Could I change or disable the break sequence? Could I disable password recovery? Thanks in advance.
Physical security and local login should cover it. If you can, implement ACS or RADIUS for external account management - authentication and accounting.
Don't bother with disabling password recovery, it's more hassle than it's worth.
So there's really no way to protect the console connection from the break sequence after a hard restart? Just in case someone does get access or a disgruntled tech employee. I was able to change the baud speed, so now you have to match the speed, but does that only take effect after the start config is loaded. Thanks.
Just what I need! Thanks. One last question if you dont mind, I just want to confirm, in order to edit these configs I need to be in rommon mode, not while running in the ios? If so I need to reboot the switch and proceed with the break seq? Thanks again Edison.
