Solved

how to audit routers for security

Posted on 2004-08-18
Last Modified: 2010-04-17
How can I monitor and audit the commands entered into our Cisco router, and also trace who entered them?
Question by:orcganir
5 Comments
 
LVL 8

Expert Comment

by:MarkDozier
ID: 11838209
Use the syslog command. Your router documentation should cover the command, or you can look it up on the Cisco site.

0
 

Author Comment

by:orcganir
ID: 11838307
Actually, what I was looking for is a way to log the commands entered, by whom and when.
I already have an existing syslog setup. I use RADIUS for authentication, but its accounting features are somewhat limited. Thanks.
0
 
LVL 3

Expert Comment

by:fatlad
ID: 11838688
With RADIUS or TACACS command accounting you should be able to have all the commands issued by user. Check out

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca7aa.html#32118

It should tell you how to set it up.

Good Luck

FatLad
0
 
LVL 3

Expert Comment

by:fatlad
ID: 11838697
Sorry, just noticed that Cisco does not support RADIUS accounting, only TACACS+.
0
 
LVL 4

Accepted Solution

by:
bfarmer earned 500 total points
ID: 11840394
We use TACACS+ for this purpose.

If you don't have TACACS+ check out the following:

http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801d1e81.html

Looks like Cisco has introduced a configuration change log as of 12.3(4)T.
0
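
An added example, not part of the original thread or of the linked Cisco documents: an IOS configuration sketch of the two approaches the answers point to, TACACS+ command accounting and the configuration change log introduced in 12.3(4)T. The server address 192.0.2.10 and the key are placeholders, and it assumes `aaa new-model` is already enabled because AAA authentication is in use.

```cisco
! --- Option 1: TACACS+ command accounting (who, what, when, kept off-box) ---
! Placeholder server address and key; replace with your own values.
tacacs-server host 192.0.2.10
tacacs-server key <shared-secret-placeholder>
!
! Record login/logout of each EXEC session.
aaa accounting exec default start-stop group tacacs+
! Record every command at privilege level 1 (user EXEC) and 15 (privileged).
! Commands moved to other levels need their own "aaa accounting commands <level>" line.
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
!
! --- Option 2: configuration change log (IOS 12.3(4)T and later) ---
! Records configuration commands per user and session on the router itself.
archive
 log config
  ! Turn the change log on.
  logging enable
  ! Keep the last 200 entries in the local buffer (default is 100).
  logging size 200
  ! Also send each logged command to the existing syslog server,
  ! so the record survives a reload or a cleared buffer.
  notify syslog
  ! Do not write passwords and keys into the log in clear text.
  hidekeys
!
! Review the local change log with:
!   show archive log config all
```

The change log covers configuration commands only. TACACS+ command accounting is what captures EXEC commands such as `show` or `clear`, and its records are held on the server rather than on the router being audited.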
