Routers and switches are the central nervous system of the network. If an attacker gains administrative access to a core switch, they can redirect traffic, drop packets, or create permanent backdoors. Hardening the management plane is non-negotiable.
Telnet, HTTP, and SNMPv1/v2c send credentials and community strings in cleartext, so anyone who can sniff the management path gets device access. They must be disabled entirely and replaced with SSHv2, HTTPS, and SNMPv3 in authPriv mode (authentication plus encryption).
💡 Pro-tip: The SSH server cannot start without a host key pair, so set a hostname and ip domain-name, then generate an RSA key of at least 2048 bits (crypto key generate rsa modulus 2048) before enabling SSH. Keys of 1024 bits or less are deprecated, and internet-wide scanners routinely fingerprint and flag them as weak.
A hardened virtual terminal configuration forces SSH version 2 (ip ssh version 2), restricts every vty line to SSH (transport input ssh), which removes Telnet from those lines, and requires authentication on the line, either against the local user database (login local) or, preferably, against AAA (login authentication).
Add a login banner that explicitly states unauthorized access is prohibited and monitored; in many jurisdictions this supports prosecution. Rate-limit failed logins (for example, lock the vty lines for a period after a burst of failures) so brute-force attacks against the management interface are slowed and logged.
⚠️ service password-encryption only obfuscates passwords with the reversible "type 7" scheme, so treat it as protection against shoulder-surfing, not against anyone who obtains the config file. Use enable secret (a real hash) for the enable password and, preferably, move user authentication to a AAA server (TACACS+) so credentials are not sitting in the config at all.
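As an added example (not code from the original page), the following Python script audits a Cisco IOS configuration for the management-plane weaknesses described above and reverses the type 7 strings that service password-encryption produces, which is why the page calls that setting weak. The two configs embedded in it are constructed samples; the function names and finding texts are this script's own.

```python
"""Audit a Cisco IOS running-config for the management-plane weaknesses above.
Added example, not code from the original page: the two config strings are
constructed samples and the finding texts are this script's own wording.
"""
import re

# Key of the reversible "type 7" obfuscation applied by `service password-encryption`.
# The key has been public since the 1990s, so type 7 is a codec, not a hash.
TYPE7_KEY = b"dsfd;kfoA,.iyewrkldJKDHSUBsgvca69834ncxv9873254k;fg87"


def decode_type7(enc: str) -> str:
    """Reverse a type 7 string: two decimal digits of seed, then XOR'd hex bytes."""
    seed, body = int(enc[:2]), bytes.fromhex(enc[2:])
    return bytes(b ^ TYPE7_KEY[(seed + i) % len(TYPE7_KEY)]
                 for i, b in enumerate(body)).decode()


def encode_type7(plain: str, seed: int = 8) -> str:
    """Produce the string IOS would store (same XOR), showing it round-trips."""
    body = bytes(c ^ TYPE7_KEY[(seed + i) % len(TYPE7_KEY)]
                 for i, c in enumerate(plain.encode()))
    return f"{seed:02d}{body.hex().upper()}"


def sections(text: str) -> list[tuple[str, list[str]]]:
    """Split an IOS config into (header, [indented child lines]) pairs."""
    out = []
    for raw in text.splitlines():
        if not raw.strip() or raw.startswith("!"):
            continue
        if raw.startswith(" ") and out:
            out[-1][1].append(raw.strip())
        else:
            out.append((raw.strip(), []))
    return out


def audit_config(text: str) -> list[str]:
    """Return one finding per weakness; an empty list means nothing was flagged."""
    secs = sections(text)
    top = {h for h, _ in secs}
    findings = []
    if "ip ssh version 2" not in top:
        findings.append("ssh: 'ip ssh version 2' missing, SSHv1 may be negotiated")
    if "ip http server" in top:
        findings.append("http: cleartext web management enabled")
    if not any(h.startswith("login block-for") for h in top):
        findings.append("login: no 'login block-for' rate limiting")
    if not any(h.startswith("banner login") for h in top):
        findings.append("banner: no login banner")
    for h, body in secs:
        if h.startswith("snmp-server community"):
            findings.append(f"snmp: v1/v2c community string {h.split()[2]!r}")
        if h.startswith("line vty"):
            if "transport input ssh" not in body:
                findings.append(f"{h}: transport input not restricted to ssh")
            if not any(ln == "login local" or ln.startswith("login authentication")
                       for ln in body):
                findings.append(f"{h}: no local or AAA authentication method")
    # Any surviving type 7 string is recovered on the spot to make the point.
    for m in re.finditer(r"password 7 ([0-9A-Fa-f]{4,})", text):
        findings.append(f"type7: {m.group(1)} reverses to {decode_type7(m.group(1))!r}")
    return findings


# Constructed sample: the kind of config this page warns about.
WEAK_CONFIG = """\
hostname core-sw1
service password-encryption
enable password 7 0822455D0A16
ip http server
snmp-server community public RO
line vty 0 4
 password 7 0822455D0A16
 login
 transport input all
"""

# Constructed sample: the hardened counterpart. The RSA key pair is created with
# the exec command `crypto key generate rsa modulus 2048`, which is not config.
HARDENED_CONFIG = """\
hostname core-sw1
ip domain-name example.net
aaa new-model
aaa authentication login default group tacacs+ local
login block-for 120 attempts 3 within 60
ip ssh version 2
no ip http server
ip http secure-server
snmp-server group NMS v3 priv
banner login ^CUnauthorized access is prohibited and monitored.^C
line vty 0 4
 transport input ssh
 login authentication default
"""

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        findings = audit_config(cfg)
        print(f"== {name}: {len(findings)} finding(s)")
        for line in findings:
            print("  -", line)
```

Run it against a saved `show running-config` to get a quick list of what still needs fixing. The weak sample yields nine findings, including both type 7 strings reversed to their plaintext; the hardened sample yields none. Note that the hardened config carries no `password 7` lines at all because user authentication goes to TACACS+ with a local fallback, which is the outcome the warning above is asking for.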
| Protocol | Weakness | Recommendation |
|---|---|---|
| Telnet | Cleartext credentials | Disable immediately; SSHv2 only |
| SSHv1 | Weak, broken crypto | Force version 2 (ip ssh version 2) |
| HTTP | Cleartext credentials | Disable; HTTPS only |
| SNMPv1/v2c | Cleartext community strings | Replace with SNMPv3 authPriv |