Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1989
Views
0
Helpful
5
Replies

Unused ports - how to protect my stuff

Go to solution
ashleyreed4218
Level 1
Level 1

‎10-26-2012 07:36 AM - edited ‎03-07-2019 09:42 AM

All,

Is there a way I can prevent someone from plugging into an unused port (via serial cable) and getting into my system?

Regards,

AR

Labels:
0 Helpful
4 Accepted Solutions

Accepted Solutions

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎10-26-2012 07:44 AM

If they have the right username, password and a console cable, than they can get to your system.

View solution in original post

0 Helpful

Go to solution
Collin Clark
VIP Alumni
VIP Alumni

‎10-26-2012 07:59 AM

I think what Reza is trying to say is configure authentication on the console port and make it as secure as possible (2 factor authentication would be ideal). You could also set the exec timeout to 0, but that would essentially disable the console port. Not good in case you ever need to get into it.

View solution in original post

0 Helpful

Go to solution
johnlloyd_13
Level 9
Level 9

‎10-26-2012 08:10 AM

Hi,

Physically secure your rack cage or wiring closet with a good lock. Add CCTV monitoring if you've got an extra budget.

Sent from Cisco Technical Support iPad App

View solution in original post

0 Helpful

Go to solution
Patrick McHenry
Level 4
Level 4

‎10-26-2012 08:35 AM

Ashley

I looked into this as well. Because someone could connect to the console port and reboot the router and do the break sequence and they are in. I looked into port locks. The stick into an ethernet port and have a key to allow you to take out the plug. They are made for ethernet ports but, I imagine they would work for console port.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎10-26-2012 07:44 AM

If they have the right username, password and a console cable, than they can get to your system.

0 Helpful

Go to solution
Collin Clark
VIP Alumni
VIP Alumni

‎10-26-2012 07:59 AM

I think what Reza is trying to say is configure authentication on the console port and make it as secure as possible (2 factor authentication would be ideal). You could also set the exec timeout to 0, but that would essentially disable the console port. Not good in case you ever need to get into it.

0 Helpful

Go to solution
johnlloyd_13
Level 9
Level 9

‎10-26-2012 08:10 AM

Hi,

Physically secure your rack cage or wiring closet with a good lock. Add CCTV monitoring if you've got an extra budget.

Sent from Cisco Technical Support iPad App

0 Helpful

Go to solution
Patrick McHenry
Level 4
Level 4

‎10-26-2012 08:35 AM

Ashley

I looked into this as well. Because someone could connect to the console port and reboot the router and do the break sequence and they are in. I looked into port locks. The stick into an ethernet port and have a key to allow you to take out the plug. They are made for ethernet ports but, I imagine they would work for console port.

0 Helpful

Go to solution
ashleyreed4218
Level 1
Level 1

‎10-30-2012 08:14 AM

Thank you everyone. I guess it is unfortunate that I can't really stop someone from getting in with a console cable. The switches are in a live system at an airport, so I guess it is up to them to keep it physically secure.

All answers correct.

0 Helpful
Customers Also Viewed These Support Documents
Top