?
Solved

how to audit routers for security

Posted on 2004-08-18
5
Medium Priority
?
355 Views
Last Modified: 2010-04-17
how can i monitor and audit the commands entered into our cisco router? and also trace who entered them???
0
Comment
Question by:orcganir
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 8

Expert Comment

by:MarkDozier
ID: 11838209
use the syslog command. Your router documentation should cover the command or you can look it up on the cisco site.

0
 

Author Comment

by:orcganir
ID: 11838307
actually, what i was looking for is a way to log the commands entered, by who and when..
i alredy have an existing syslog setup. i use RADIUS for authentication but its accounting features are somewhat limited.. thanks
0
 
LVL 3

Expert Comment

by:fatlad
ID: 11838688
With Radius or TACACS command accounting you should be able to have all the commands issued by user. Check out

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca7aa.html#32118

Should tell you how to set it up

Good Luck

FatLad
0
 
LVL 3

Expert Comment

by:fatlad
ID: 11838697
Sorrt just noticed that Cisco does not support RADIUS accounting, only TACACS+
0
 
LVL 4

Accepted Solution

by:
bfarmer earned 2000 total points
ID: 11840394
We use TACACS+ for this purpose.

If you don't have TACACS+ check out the following:

http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801d1e81.html

Looks like Cisco has introduced a configuration change log as of 12.3(4)T.
0

Featured Post

Enroll in August's Course of the Month

August's CompTIA IT Fundamentals course includes 19 hours of basic computer principle modules and prepares you for the certification exam. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question