10
submitted 1 year ago by [email protected] to c/[email protected]

Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.

you are viewing a single comment's thread
view the rest of the comments
[-] [email protected] 1 points 1 year ago

I am using the Cisco hardening guide with some tweeks.

https://www.cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-xe-16/220270-use-cisco-ios-xe-hardening-guide.html

Covers things like only allowing sshv2, enable logging of commands to syslog, disabling the switch web servers.

[-] [email protected] 1 points 1 year ago

Nice. You guys allowing the playbooks to configure or just audit?

[-] [email protected] 2 points 1 year ago

we use the playbooks to configure, the trick is to do it in an idempotent way so when something is changed it doesn't kick off alarm bells.

SNMPv3 is my current bane as snmpv3 accounts are not stored in running config so snmp always says something is changed.

this post was submitted on 13 Mar 2024
10 points (85.7% liked)

cybersecurity

4413 readers
7 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 2 years ago
MODERATORS