انت هنا الان : شبكة جامعة بابل > موقع الكلية > نظام التعليم الالكتروني > مشاهدة المحاضرة
الكلية كلية تكنولوجيا المعلومات
القسم قسم البرامجيات
المرحلة 4
أستاذ المادة الحارث عبد الكريم عبد الله الخفاجي
10/04/2016 21:04:35
Network intruders can potentially gain access to sensitive network equipment and services. To help prevent unwanted access, access control is necessary. Access control limits who or what can use specific resources as well as the services or options available once access is granted. Many types of authentication methods can be performed on a Cisco device, and each method offers vary- ing levels of security.
The simplest form of authentication is passwords. This method is configured using a login and password combination on console, and vty lines and aux ports. This method is the easiest to imple- ment, but it is also the weakest and least secure. Password-only logins are very vulnerable to brute force attack Additionally, this method provides no accountability. Anyone with the password can gain entry to the device and alter the configurationTo help provide accountability, local database authentication can be implemented using one of the following commands:
username username password password
username username secret password
This method creates individual user accounts on each device with a specific password assigned to each user. The local database method provides additional security, because an attacker is required to know a username and a password. It also provides more accountability, because theusername is recorded when a user logs in. Keep in mind that the username password command combination displays the password in plaintext in the configuration file if the service password-encryption command is not configured. The username secret combination is highly recommended because it provides MD5-style encryption.
The local database method has some limitations. The user accounts must be configured locally on each device. In a large enterprise environment that has multiple routers and switches to manage, it can take time to implement and change local databases on each device. Additionally, the local database configuration provides no fallback authentication method. For example, what if the administrator forgets the username and password for that device? With no backup method available for authentication, password recovery becomes the only option.
المادة المعروضة اعلاه هي مدخل الى المحاضرة المرفوعة بواسطة استاذ(ة) المادة . وقد تبدو لك غير متكاملة . حيث يضع استاذ المادة في بعض الاحيان فقط الجزء الاول من المحاضرة من اجل الاطلاع على ما ستقوم بتحميله لاحقا . في نظام التعليم الالكتروني نوفر هذه الخدمة لكي نبقيك على اطلاع حول محتوى الملف الذي ستقوم بتحميله .
|