Experiment 5 Network Security Hardening

Table of contents

1. Experimental content

2. Experimental environment

3. Experimental steps


1. Experimental content

Building on the GRE VPN experiment, harden the security of the network.

1. Configure port security on S0: bind the server port to the server's MAC address, limit the number of MAC addresses on the port to 1, and discard data frames when that maximum is exceeded.

2. Configure OSPF routing protocol authentication.

3. Configure 5 VTY terminal lines for login on S0 and R0. The connection password is VTY1234, the enable password is en1234, and the passwords are stored in encrypted form.

4. Enable SSH login on S0 and R0 and restrict the permitted login IP range to the intranet segment. Set up login against the local AAA account database and add four accounts: peter (maximum authority), shower (level 2, view only), configer (level 3, can enter global configuration mode, can only change the name and create a user), and inter (level 4, can enter interface configuration mode and use all subcommands). All passwords are aaa123 and are stored in encrypted form.

2. Experimental environment

1. A host running the Windows operating system, with Cisco Packet Tracer 7.2 or later installed.

3. Experimental steps

1. Configure port security on S0: bind the server port to the server's MAC address, limit the number of MAC addresses on the port to 1, and discard data frames when that maximum is exceeded.

2. Configure OSPF routing protocol authentication: enable OSPF area authentication in MD5 mode on R0 and R1, with the password 654321.

3. Configure 5 VTY terminal lines for login on R0. The connection password is VTY1234, the enable password is en1234, and the passwords are stored in encrypted form.

4. Enable SSH login on R0 and restrict the permitted login IP range to the intranet segment.

5. On R0, set up login against the local AAA account database and apply it to SSH sessions. Create the peter, shower, configer, and inter accounts, all with the password aaa123.

6. On R0, set the user access rights: peter account (maximum authority), shower account (level 2, view only), configer account (level 3, can enter global configuration mode, can only change the name and create a user), inter account (level 4, can enter interface configuration mode and use all subcommands).

7. Test that the configer account can log in to R0 through SSH, then test whether it can enter global configuration mode and whether it can enter interface configuration mode.
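
One way to check the finished lab, as an added example that is not part of the original write-up: a small Python audit that reads running-config text and reports which of the hardening items from steps 1 to 6 are missing. The sample configuration is constructed; the interface names, MAC address, ACL number, 192.168.1.0/24 intranet range and PLACEHOLDER hashes are assumptions, and "maximum authority" is taken to be privilege level 15, the highest IOS level.

```python
import re

# Constructed running-config lines (S0 and R0 merged for brevity). Interface
# names, MAC, ACL number, 192.168.1.0/24 and PLACEHOLDER hashes are assumptions.
SAMPLE = """\
service password-encryption
enable secret 5 PLACEHOLDER
aaa authentication login default local
username peter privilege 15 secret 5 PLACEHOLDER
username shower privilege 2 secret 5 PLACEHOLDER
username configer privilege 3 secret 5 PLACEHOLDER
username inter privilege 4 secret 5 PLACEHOLDER
interface FastEthernet0/1
 switchport port-security
 switchport port-security violation protect
 switchport port-security mac-address 0000.1111.2222
interface Serial0/0/0
 ip ospf message-digest-key 1 md5 7 PLACEHOLDER
router ospf 1
 area 0 authentication message-digest
access-list 10 permit 192.168.1.0 0.0.0.255
line vty 0 4
 access-class 10 in
 transport input ssh
"""
LEVELS = {"peter": 15, "shower": 2, "configer": 3, "inter": 4}  # 15 = highest
REQUIRED = [  # (pattern some line must match, finding reported if none does)
    (r"service password-encryption", "passwords not stored encrypted"),
    (r"switchport port-security", "port security not enabled"),
    (r"switchport port-security mac-address \S+", "no MAC binding"),
    (r"switchport port-security violation (protect|restrict)",
     "violation mode is not discard-only"),  # the IOS default is shutdown
    (r"area \S+ authentication message-digest", "OSPF area MD5 auth off"),
    (r"ip ospf message-digest-key \d+ md5 .+", "no OSPF MD5 key"),
    (r"transport input ssh", "VTY not SSH-only"),
    (r"access-class \S+ in", "VTY not restricted by ACL"),
    (r"aaa authentication login \S+ local", "no local AAA login"),
] + [(rf"username {u} privilege {n} .+", f"{u} is not level {n}")
     for u, n in LEVELS.items()]
FORBIDDEN = [  # (pattern no line may match, finding); type 0 means cleartext
    (r".* port-security maximum (?!1$)\d+", "more than 1 MAC allowed"),
    (r".*\b(password|secret|md5) (?![1-9][0-9]* \S).*", "cleartext credential")]

def audit(cfg):  # returns findings; an empty list means every lab item is met
    lines = [l.strip() for l in cfg.splitlines()]
    def hit(pat):
        return any(re.fullmatch(pat, l) for l in lines)
    return ([msg for pat, msg in REQUIRED if not hit(pat)]
            + [msg for pat, msg in FORBIDDEN if hit(pat)])
```

The audit is config-wide rather than per interface, and a missing `maximum` line passes because 1 is the port-security default. It accepts type 7 as "encrypted" because that is what the lab asks for, although type 7 is reversible obfuscation rather than a hash.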

 

 
