• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 374
  • Last Modified:

how to audit routers for security

how can i monitor and audit the commands entered into our cisco router? and also trace who entered them???
0
orcganir
Asked:
orcganir
1 Solution
 
MarkDozierCommented:
use the syslog command. Your router documentation should cover the command or you can look it up on the cisco site.

0
 
orcganirAuthor Commented:
actually, what i was looking for is a way to log the commands entered, by who and when..
i alredy have an existing syslog setup. i use RADIUS for authentication but its accounting features are somewhat limited.. thanks
0
 
fatladCommented:
With Radius or TACACS command accounting you should be able to have all the commands issued by user. Check out

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca7aa.html#32118

Should tell you how to set it up

Good Luck

FatLad
0
 
fatladCommented:
Sorrt just noticed that Cisco does not support RADIUS accounting, only TACACS+
0
 
bfarmerCommented:
We use TACACS+ for this purpose.

If you don't have TACACS+ check out the following:

http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801d1e81.html

Looks like Cisco has introduced a configuration change log as of 12.3(4)T.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now