adam's notes

Switch and Router Hardening

  • Change Default Credentials that are well documented and pose a significant security risk.
  • Disable Unnecessary Services and Interfaces on a switch or router
    • Not every service or interface is needed
    • e.g., services like HTTP or Telnet should be avoided
  • Use Secure Management Protocols such as SSH instead of Telnet or HTTPS instead of HTTP
  • Implement Access Control Lists (ACLs) to restrict access to the router or switch to only required devices and networks
  • Enable Logging and Monitoring to help identify issues like repeated login failures, configuration changes, and many others
  • Configure Port Security helps limit the devices that can connect to a switch port to prevent unauthorized access
  • Strong Password Policies help reduce the risk of password attacks
  • Physically Secure Equipment like keeping devices in a locked room to prevent unauthorized physical access

Graph View

Backlinks