Step-by-Step Guide

Maintain physical security of the router

A router is much more secure than a hub, especially from network sniffing. This is because a router intelligently routes packets based on IP destination, where a hub broadcasts the data to all nodes. If one system that is connected to that hub places their network adapter in promiscuous mode, they are able to receive and view all broadcasts, including passwords, POP3 traffic and web traffic.

It is important then to make sure that physical access to your networking equipment is secure to prevent the placement of sniffing equipment, such as an unauthorized laptop, on the local subnet.

    Requires Free Membership to View


Fortifying router security

 Introduction
 Step 1: Change the default password!
 Step 2: Disable IP directed broadcasts
 Step 3: Disable HTTP configuration for the router, if possible
 Step 4: Block ICMP ping requests
 Step 5: Disable IP source routing
 Step 6: Determine your packet filtering needs
 Step 7: Establish Ingress and Egress address filtering policies
 Step 8: Maintain physical security of the router
 Step 9: Take the time to review the security logs

About the author
Chris Cox is a network administrator for the United States Army, based in Fort Irwin, California.

This tip originally appeared on SearchNetworking.com.

This was first published in January 2007

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: