Table of Contents
Advertisement
Fix It Page
Disable IP Source Route
Enable Password Encryption Service
Cisco Router and Security Device Manager Version 2.2 User's Guide
16-10
This fix can be undone. To learn how, click
Security Audit disables IP source routing whenever possible. The IP protocol
supports source routing options that allow the sender of an IP datagram to control
the route that the datagram will take toward its ultimate destination, and generally
the route that any reply will take. These options are rarely used for legitimate
purposes in networks. Some older IP implementations do not process
source-routed packets properly, and it may be possible to crash machines running
these implementations by sending them datagrams with source routing options.
Disabling IP source routing will cause a Cisco router to never forward an IP
packet that carries a source routing option.
The configuration that will be delivered to the router to disable IP source routing
is as follows:
no ip source-route
This fix can be undone. To learn how, click
Security Audit enables password encryption whenever possible. Password
encryption directs the Cisco IOS software to encrypt the passwords, Challenge
Handshake Authentication Protocol (CHAP) secrets, and similar data that are
saved in its configuration file. This is useful for preventing casual observers from
reading passwords, for example, when they happen to look at the screen over an
administrator's shoulder.
The configuration that will be delivered to the router to enable password
encryption is as follows:
service password-encryption
This fix can be undone. To learn how, click
Chapter 16
Undoing Security Audit
Undoing Security Audit
Undoing Security Audit
Security Audit
Fixes.
Fixes.
Fixes.
OL-4015-08
Advertisement
Table of Contents
Troubleshooting
