07-15-2012 11:12 PM - edited 03-07-2019 07:47 AM
What are the security issues in connecting a notebook to a console of the 2950 switch?
Can virus or trojan enter into a switch during configuration session? If the answer is yes, what precoutions must I take to prevent such case?
Does anybody heard about such problem?
07-15-2012 11:47 PM
Hello Felix,
This is a very interesting question. The short and practical answer is - no, the switch can not be infected by a virus or a trojan through a console session.
The longer answer would be: it is not totally impossible but it is practically unheard-of. Infecting the switch through a console session is extremely impractical and difficult because of these reasons (and there are certainly more but these are the ones I see right now):
As usual, in the world of IT, nothing is 100% secure. But ultimately, if something is or is not done depends mostly on whether it is reasonable enough to put effort into. Creating a virus that would infiltrate the 2950 - an end-of-life switch - via its console port is something way impractical and useless for anyone to invest the huge effort into. And certainly, the 2950 is immune to all existing PC-based infiltrations.
Do not worry about infecting your Cisco devices via the console session.
Best regards,
Peter
07-16-2012 12:31 AM
hi felix,
further adding on peter's excellent post, the only security issues when a PC is connected via console to a cisco device (router or switch) would be as below:
by default, the console port does not require a password for admin access. it should be configured with a line password as a security precaution:
Router(config)#line console 0
Router(config-line)#password
Router(config-line)#login
also, a user is logged in for 10 minutes and if you're away from your terminal while the console session is active, an attacker has up to 10 minutes to gain privilege access. it is recommended that the exec-timeout is fine-tuned to limit the amount of time a user is logged in.
Router(config-line)#exec-timeout
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide