Secure Router Configuration – CompTIA Security+ SY0-401: 1.2

| July 27, 2014 | 0 Comments

A router is one of the most important devices in your network. In this video, you’ll learn how to securely connect and manage your routers and other infrastructure devices.

<< Previous Video: VLAN ManagementNext: Access Control Lists >>

When you’re working with routers, you’re working with firewalls, you’re working with other devices. One of the challenges you have is that you’re providing very sensitive security information to those devices.

You don’t want anybody to have access to that, except for you and the other security professionals in your environment. Every device works a little bit differently on how it stores data, and how it secures data.

So you’ll want to look at your router, or your firewall, or your switch, to determine– how is that information stored, and how can I communicate to that device in a way that’s not going to provide a lot of data in the clear that somebody might be able to see.

Very often, in fact, you’ll find that devices on your network still have the default username and password on them. You’ll see this a lot for people’s home routers. They don’t think of changing them. Username– admin, login– admin. Username– administrator, login– administrator. It’s a very, very common thing, unfortunately, to see this– even in some of the largest networks in the world.

So you really have to go through and audit, make sure that you have changed all those passwords. It’s so quick to pass by that when you’re installing a device for the first time.

You also have to think about how you’re communicating to the device. Are you communicating over a channel that’s in the clear traffic? You certainly don’t want that. You want to communicate to this device in an encrypted form. So you’re going to want to use things like, SCP, which is an encrypted method of doing a file copy. Or HTTPS, which uses encrypted communication to these devices. Or SSH, if you need to be able to communicate to the device as well.

TFTP, probably not so much. That is “in the clear” traffic. If somebody wanted to see the configuration files which you’re transferring via TFTP, all of your very sensitive security information would be in there– all of the information you added for IP address ranges, and the different resources available.

If you got your hands on a firewall, or a router log, or a router configuration, there’s a lot of good information in there, that bad guys would be able to use.

You also have to think about the way that your configurations are being stored. Are they stored on the device, are they stored in an encrypted form?

Are you transferring them, and putting them in a network location as a backup? Is the backup encrypted? You don’t want people getting access to that. Is the backup secure? Is it on your local workstation? Do you put it on a flash drive, is it on a network drive?

You need to think about what you’re doing with this data– both on the device, and once you take it off the device. And if you just keep those things in mind, you can be certain that then your network infrastructure devices– and the configuration on those devices– is going to remain secure.

Tags: , , , , , , ,

Category: CompTIA Security+ SY0-401