Solved

how to audit routers for security

Posted on 2004-08-18
5
341 Views
Last Modified: 2010-04-17
how can i monitor and audit the commands entered into our cisco router? and also trace who entered them???
0
Comment
Question by:orcganir
5 Comments
 
LVL 8

Expert Comment

by:MarkDozier
ID: 11838209
use the syslog command. Your router documentation should cover the command or you can look it up on the cisco site.

0
 

Author Comment

by:orcganir
ID: 11838307
actually, what i was looking for is a way to log the commands entered, by who and when..
i alredy have an existing syslog setup. i use RADIUS for authentication but its accounting features are somewhat limited.. thanks
0
 
LVL 3

Expert Comment

by:fatlad
ID: 11838688
With Radius or TACACS command accounting you should be able to have all the commands issued by user. Check out

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca7aa.html#32118

Should tell you how to set it up

Good Luck

FatLad
0
 
LVL 3

Expert Comment

by:fatlad
ID: 11838697
Sorrt just noticed that Cisco does not support RADIUS accounting, only TACACS+
0
 
LVL 4

Accepted Solution

by:
bfarmer earned 500 total points
ID: 11840394
We use TACACS+ for this purpose.

If you don't have TACACS+ check out the following:

http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801d1e81.html

Looks like Cisco has introduced a configuration change log as of 12.3(4)T.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
EIGRP Full Mesh 2 82
Move configuration from Cisco 3560 to 3750X 6 53
2 Gateways (bandwidth) - One domain 7 75
parental control on huwei HG658b 1 21
New Server 172.16.200.2  was moved from behind Router R2 f0/1 to behind router R1 int f/01 and has now address 172.16.100.2. But we want users still to be able to connected to it by old IP. How to do it ? We can used destination NAT (DNAT).  In DNAT…
Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question