Cisco routers - LOGON SECURITY ENHANCEMENTS

advertisement
CISCO ROUTERS - LOGON SECURITY ENHANCEMENTS
login block-for <seconds> attempts <attempts> within < seconds>
This command can block all logins for a period of time when within some period of time
there’ll be more than X login attemps, e.g.
login block-for 300 attempts 10 within 60
It means that system will block login attempts for 300 seconds if within 60 seconds there
were 10 or more login attempts. This command is helpful in case of brute force attack.
login quiet-mode access-class <acl>
This command can help authorized users to log into device in case of system run login
block-for function. Then users from acl localization can log into the cisco device even
when others people cannot.
login quiet-mode access-class 23 ,where 23 is access-list 23
Download