nobrow wrote:
> Hi. I recently made a big balls up by announcing to the world that my
> (apartment block's) router, a Cisco 800 series, was completely
> unsecured. I have since removed the default users and passwords and
> changed the admin/enable password.
>
> Question is what else do I have to do to secure this thing?
>
> Also, I am concerned that it may have already been compromised. Who
> knows how long it has been unsecure, and my announcement of the fact
> probably didnt help. Is there any way to check if anything malicious
> has been done to it?
>
> Total noob at this, so details would help.
>
> Thanks.
>
Go into Cisco Router Web Setup (CRWS), select Advanced Feature
Configuration and make sure you have the router firewall enabled. Its
just a radio button that you need to select. Since its only for home, I
wouldn't worry about enabling logging.
You also need to make sure Remote Management is disabled by selecting
"Deny Remote Management" on the Remote Management set-up page in
Advanced Feature Configuration. Its another radio button. Just make
sure to deny remote management.
You can check whether the firewall is configured on the CRWS Home page
but you can't manage it from there. You cannot check the status of
Remote Management from the CRWS Home page.
That's pretty much what I'm running for security on my 831.
The default on some 800 series routers is to disable the firewall and
allow remote management.
After that, go to Gibson Research
http://www.grc.com/default.htm and run
ShieldsUp on your computer system to make sure you're in full stealth.
The router firewall should block everything.
Hope this helps.
Similar Threads
Linear Mode
