• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 386
  • Last Modified:

how to audit routers for security

how can i monitor and audit the commands entered into our cisco router? and also trace who entered them???
0
orcganir
Asked:
orcganir
1 Solution
 
MarkDozierCommented:
use the syslog command. Your router documentation should cover the command or you can look it up on the cisco site.

0
 
orcganirAuthor Commented:
actually, what i was looking for is a way to log the commands entered, by who and when..
i alredy have an existing syslog setup. i use RADIUS for authentication but its accounting features are somewhat limited.. thanks
0
 
fatladCommented:
With Radius or TACACS command accounting you should be able to have all the commands issued by user. Check out

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca7aa.html#32118

Should tell you how to set it up

Good Luck

FatLad
0
 
fatladCommented:
Sorrt just noticed that Cisco does not support RADIUS accounting, only TACACS+
0
 
bfarmerCommented:
We use TACACS+ for this purpose.

If you don't have TACACS+ check out the following:

http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801d1e81.html

Looks like Cisco has introduced a configuration change log as of 12.3(4)T.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Amazon Web Services - Basic

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now