orcganir
asked on
how to audit routers for security
how can i monitor and audit the commands entered into our cisco router? and also trace who entered them???
use the syslog command. Your router documentation should cover the command or you can look it up on the cisco site.
ASKER
actually, what i was looking for is a way to log the commands entered, by who and when..
i alredy have an existing syslog setup. i use RADIUS for authentication but its accounting features are somewhat limited.. thanks
i alredy have an existing syslog setup. i use RADIUS for authentication but its accounting features are somewhat limited.. thanks
With Radius or TACACS command accounting you should be able to have all the commands issued by user. Check out
http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca7aa.html#32118
Should tell you how to set it up
Good Luck
FatLad
http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca7aa.html#32118
Should tell you how to set it up
Good Luck
FatLad
Sorrt just noticed that Cisco does not support RADIUS accounting, only TACACS+
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.