
Cisco IOS access lists: 10 things you should know

10 things you need to know about Cisco IOS access lists, beginning with the basic definition of an ACL.

What is an access control list?

In Cisco IOS, an access control list (ACL) is an ordered list of statements that identifies traffic. Once traffic has been identified, an administrator can specify what happens to it: filter it at an interface, log it, select it for encryption, restrict it from management sessions, and so on.

What’s the most common type of ACL?

IP ACLs are the most popular type of access list because IP is the most common type of traffic. There are two types of IP ACLs: standard and extended. Standard IP ACLs can only filter on the SOURCE IP address. Extended IP ACLs are far more powerful: they match on the protocol (IP, TCP, UDP, ICMP and others) as well as on source IP, source port, destination IP, and destination port.

What are the most common numbers for IP ACLs?

The most common numbers used for IP ACLs are 1 to 99 for standard lists and 100 to 199 for extended lists. However, many other ranges are also possible.

  • Standard IP ACLs: 1 to 99 and 1300 to 1999
  • Extended IP ACLs: 100 to 199 and 2000 to 2699

How can you filter traffic using ACLs?

You can use ACLs to filter traffic according to the "three P's": per protocol, per interface, and per direction. For each combination of protocol (e.g., IP or IPX), interface (e.g., FastEthernet0/0) and direction (IN or OUT), at most one ACL can be applied. FastEthernet0/0 can therefore carry one inbound IP ACL and one outbound IP ACL, but not two inbound IP ACLs.

How can an ACL help protect my network from viruses?

You can use an ACL as a packet sniffer to list packets that meet a certain requirement. For example, if a virus on your network is sending traffic to IRC on port 194, you could create an extended ACL (such as number 101) that matches TCP traffic to that port. You could then use the debug ip packet 101 detail command on your Internet-facing router to list the source IP addresses that are sending packets to port 194. Two caveats: debug ip packet only shows process-switched packets, so traffic the router fast-switches or CEF-switches will not appear, and the command can saturate the CPU of a busy router. On a production router, adding the log keyword to the matching ACL entry and reading the resulting syslog messages is the safer way to get the same list.
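As an added example (not from the article or from Cisco), here is a small Python parser that reads debug ip packet detail output in the style described above, pairs each IP header line with the TCP line that follows it, and tallies the source addresses sending to TCP port 194. The sample output is constructed for the example, not captured from a router, and the exact field layout of real debug output varies by IOS version, so adjust the regular expressions if your router prints something different.

```python
import re
from collections import Counter

# Constructed sample in the style of IOS "debug ip packet 101 detail" output
# (not captured from a real router): each packet is an "IP:" header line
# followed by an indented transport line carrying the TCP/UDP ports.
SAMPLE_DEBUG = """\
IP: s=10.1.1.25 (FastEthernet0/0), d=198.51.100.9 (FastEthernet0/1), g=198.51.100.9, len 60, forward
    TCP src=1034, dst=194, seq=12345, ack=0, win=65535 SYN
IP: s=10.1.1.77 (FastEthernet0/0), d=198.51.100.9 (FastEthernet0/1), g=198.51.100.9, len 60, forward
    TCP src=2041, dst=194, seq=22222, ack=0, win=65535 SYN
IP: s=10.1.1.25 (FastEthernet0/0), d=203.0.113.4 (FastEthernet0/1), g=203.0.113.4, len 60, forward
    TCP src=1035, dst=194, seq=12346, ack=0, win=65535 SYN
IP: s=10.1.1.9 (FastEthernet0/0), d=192.0.2.80 (FastEthernet0/1), g=192.0.2.80, len 60, forward
    TCP src=3300, dst=80, seq=99, ack=0, win=65535 SYN
"""

# Header line: "IP: s=<src> (<ifname>), d=<dst> ..."; only the addresses are needed.
HEADER_RE = re.compile(r"^IP: s=(?P<src>\d+\.\d+\.\d+\.\d+) \(.*?\), d=(?P<dst>\d+\.\d+\.\d+\.\d+)")
# Transport line: "    TCP src=<sport>, dst=<dport>, ..."
L4_RE = re.compile(r"^\s+(?P<proto>TCP|UDP) src=(?P<sport>\d+), dst=(?P<dport>\d+)")


def parse_debug(text):
    """Yield (src, dst, proto, sport, dport) for each packet in debug output."""
    header = None
    for line in text.splitlines():
        m = HEADER_RE.match(line)
        if m:
            header = (m.group("src"), m.group("dst"))
            continue
        m = L4_RE.match(line)
        if m and header:
            yield (header[0], header[1], m.group("proto"),
                   int(m.group("sport")), int(m.group("dport")))
            header = None  # consume the header so a stray L4 line is not double-counted


def suspect_sources(text, port=194, proto="TCP"):
    """Count packets per source IP whose destination port matches (IRC tcp/194 in the article)."""
    counts = Counter()
    for src, _dst, p, _sport, dport in parse_debug(text):
        if p == proto and dport == port:
            counts[src] += 1
    return counts


if __name__ == "__main__":
    for src, n in suspect_sources(SAMPLE_DEBUG).most_common():
        print(f"{src}\t{n} packet(s) to tcp/194")
```

Run against a saved debug capture, the most_common() ordering puts the noisiest internal host first, which is the one to pull off the network and clean.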

What’s the order of operations in an ACL?

Routers process ACLs from top to bottom. When the router evaluates traffic against the list, it starts at the beginning of the list and moves down, either permitting or denying traffic as it goes. When it has worked its way through the list, the processing stops.

That means whichever rule comes first takes precedence. If the first part of the ACL denies traffic, but a lower part of the ACL allows it, the router will still deny the traffic. Let’s look at an example:

Access-list 1 permit any
Access-list 1 deny host 10.1.1.1
Access-list 1 deny any

What does this ACL permit? Everything. The first line permits any source, so all traffic matches it, the router permits it, and processing stops; the two deny lines below it are never reached. To block 10.1.1.1 while allowing everyone else, the deny host 10.1.1.1 line has to come before permit any.

What about traffic you don’t specifically address in an ACL?

At the end of every ACL is an implicit deny statement. Whether or not you see it, the router denies any traffic that does not match a condition in the list. This means an ACL that contains only deny statements blocks everything, so a filtering ACL needs at least one permit line. Here's an example:

Access-list 1 deny host 10.1.1.1
Access-list 1 deny 192.168.1.0 0.0.0.255

What traffic does this ACL permit? None: the router denies all traffic because of the implicit deny statement. In other words, the ACL effectively looks like this:

Access-list 1 deny host 10.1.1.1
Access-list 1 deny 192.168.1.0 0.0.0.255
Access-list 1 deny ANY
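The two behaviours described in this section and the previous one (first match wins, then an implicit deny at the end) are easy to misjudge when reading a long list by eye. The following Python evaluator is an added example, not part of the article or of IOS: it parses standard and extended ACL entries in the numbered and named syntax shown on this page, including wildcard masks and eq port qualifiers, and reports which entry a packet hits. The ACLs embedded in it are the two examples above plus an extended ACL 101 matching IRC on tcp/194 from the virus section; the packet addresses are constructed.

```python
import ipaddress
import re

# Added example (not from the article or Cisco IOS): evaluates IOS ACL semantics
# offline. Entries are tried top to bottom, the first match decides, and a packet
# that matches nothing hits the implicit "deny any" at the end of the list.

# Accepts "access-list 1 permit any", "Access-list 101 deny tcp ..." and the
# named form "10 deny ip any host 192.168.1.1". Remarks and headers do not match.
ACE_RE = re.compile(r"^\s*(?:access-list\s+\S+\s+)?(?:\d+\s+)?(permit|deny)\s+(.*)$", re.I)
PROTOCOLS = {"ip", "tcp", "udp", "icmp"}
ANY = (0, 0xFFFFFFFF)  # address 0.0.0.0 with wildcard 255.255.255.255


def _ip(s):
    return int(ipaddress.IPv4Address(s))


def _parse_addr(tokens):
    """Consume one IOS address spec: any | host A | A WILDCARD | A (bare = host).
    Returns ((address, wildcard), remaining tokens)."""
    tok = tokens[0].lower()
    if tok == "any":
        return ANY, tokens[1:]
    if tok == "host":
        return (_ip(tokens[1]), 0), tokens[2:]
    if len(tokens) >= 2 and re.fullmatch(r"\d+\.\d+\.\d+\.\d+", tokens[1]):
        return (_ip(tokens[0]), _ip(tokens[1])), tokens[2:]
    return (_ip(tokens[0]), 0), tokens[1:]


def _parse_port(tokens):
    """Consume an optional 'eq N' qualifier. Returns (port or None, remaining tokens)."""
    if tokens and tokens[0].lower() == "eq":
        return int(tokens[1]), tokens[2:]
    return None, tokens


def _addr_match(spec, ip):
    """Wildcard semantics: 0 bits in the wildcard must match, 1 bits are don't-care."""
    addr, wildcard = spec
    return (_ip(ip) & ~wildcard) == (addr & ~wildcard)


def parse_acl(lines):
    """Parse ACL entries in order; blank lines, remarks and 'ip access-list' headers are skipped."""
    rules = []
    for line in lines:
        m = ACE_RE.match(line)
        if not m:
            continue
        action, tokens = m.group(1).lower(), m.group(2).split()
        if tokens[0].lower() in PROTOCOLS:      # extended entry: proto src [eq p] dst [eq p]
            proto, tokens = tokens[0].lower(), tokens[1:]
            src, tokens = _parse_addr(tokens)
            sport, tokens = _parse_port(tokens)
            dst, tokens = _parse_addr(tokens)
            dport, tokens = _parse_port(tokens)
        else:                                    # standard entry: source address only
            proto, sport, dport, dst = None, None, None, ANY
            src, tokens = _parse_addr(tokens)
        rules.append(dict(action=action, proto=proto, src=src, sport=sport, dst=dst, dport=dport))
    return rules


def evaluate(rules, src_ip, dst_ip="0.0.0.0", proto="ip", sport=0, dport=0):
    """Return (action, index) of the first matching entry; index None means the implicit deny."""
    for i, r in enumerate(rules):
        if r["proto"] not in (None, "ip", proto):
            continue
        if not (_addr_match(r["src"], src_ip) and _addr_match(r["dst"], dst_ip)):
            continue
        if r["sport"] is not None and r["sport"] != sport:
            continue
        if r["dport"] is not None and r["dport"] != dport:
            continue
        return r["action"], i
    return "deny", None


# The article's two standard ACLs, plus an extended ACL 101 for IRC on tcp/194.
ACL_PERMIT_FIRST = ["access-list 1 permit any",
                    "access-list 1 deny host 10.1.1.1",
                    "access-list 1 deny any"]
ACL_ONLY_DENIES = ["access-list 1 deny host 10.1.1.1",
                   "access-list 1 deny 192.168.1.0 0.0.0.255"]
ACL_101_IRC = ["access-list 101 remark flag hosts talking to IRC on tcp/194",
               "access-list 101 permit tcp any any eq 194"]

if __name__ == "__main__":
    print(evaluate(parse_acl(ACL_PERMIT_FIRST), "10.1.1.1"))   # ('permit', 0): first line wins
    print(evaluate(parse_acl(ACL_ONLY_DENIES), "172.16.5.5"))  # ('deny', None): implicit deny
    print(evaluate(parse_acl(ACL_101_IRC), "10.1.1.25", "198.51.100.9", "tcp", 1034, 194))
```

Because the evaluator returns the index of the entry that matched, feeding it the packets you expect a list to block (and a few you expect it to pass) shows immediately whether a permit any or the implicit deny is doing the work.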

Can I name an ACL?

Who needs numbers? You can also name your ACLs so you can more easily identify their purpose. You can name both standard and extended ACLs, and named ACLs carry sequence numbers on each entry, which is what makes in-place editing possible. Here's an example of creating a named ACL:

router(config)# ip access-list ?
  extended        Extended Access List
  log-update      Control access list log updates
  logging         Control access list logging
  resequence      Resequence Access List
  standard        Standard Access List
router(config)# ip access-list extended test 
router(config-ext-nacl)#
router(config-ext-nacl)# 10 deny ip any host 192.168.1.1
router(config-ext-nacl)# exit
router(config)# exit
router# show ip access-list
Extended IP access list test
    10 deny ip any host 192.168.1.1

What’s a numbering sequence?

In the "old days," you couldn't edit an ACL in place: you copied it to a text editor (such as Notepad), removed it from the router, edited the text, and then re-created it. This is still a reasonable way to edit some Cisco configurations.

However, this approach opens a window of exposure. While the list is deleted, the router isn't controlling traffic as intended, and an interface that references an ACL which no longer exists passes all traffic. Numbered ACLs can instead be edited in place using sequence numbers, by entering the list through the named-ACL configuration mode (ip access-list resequence renumbers the entries if you need room to insert a line). Here's an example:

router(config)# access-list 75 permit host 10.1.1.1

router(config)#^Z
router# conf t
Enter configuration commands, one per line.  End with CNTL/Z.
router(config)# ip access-list standard 75 
router(config-std-nacl)# 20 permit any 
router(config-std-nacl)# no 10 permit 10.1.1.1
router(config-std-nacl)#^Z

router# show ip access-lists 75
Standard IP access list 75
    20 permit any
router#

How else can I use an ACL?

ACLs aren’t just for filtering traffic. You can also use them for a variety of operations. Let’s look at some of their possible other uses:

    • To control debug output: You can use the debug list command to control debug output. By entering this command before another debug command, the second command applies only to what you've defined in the list.
    • To control route access: You can use a routing distribute-list ACL to permit or deny specific routes into or out of your routing protocol.
    • As a BGP AS-path ACL: You can use regular expressions against the AS path to permit or deny BGP routes.
    • For router management: You can apply a standard ACL to the VTY lines with the access-class command to restrict which workstations or networks may open management sessions to your router.
    • For encryption: You can use ACLs to determine what to encrypt. When encrypting traffic between two routers or between a router and a firewall, a crypto ACL tells the router what traffic to encrypt (permit) and what traffic to send unencrypted (deny); traffic that should not leave at all is dropped with an ordinary interface ACL.

To wrap up this review, one last tip: don't forget to use remark statements in your ACLs. They'll come in handy when you have to troubleshoot something later.

What is Firewall

A firewall is a software or hardware appliance that sits between your computer (or network) and the Internet and enforces a policy on what traffic may cross. Firewall technologies have evolved to meet the security requirements of the IT infrastructure. In a computer network, a firewall is usually deployed at the gateway to block intruders, malware and unauthorized access. There are several firewall techniques and implementation methods; the most commonly used are packet filtering, proxy servers, application gateways and circuit-level gateways.


Many companies produce firewall products. Commonly used ones include Zone Alarm, Microsoft Windows Firewall, Comodo, F-Secure, Kaspersky, LavaSoft, McAfee, Symantec, R-Firewall, AShampoo and Trend Micro PC-cillin.

A firewall works much like a router in that it examines each packet of data. A properly configured firewall protects your computer from internal and external threats. Most business-class firewall products offer application-layer filtering, which is needed to stop spam, viruses and application-layer attacks. Performance matters on busy networks; firewall throughput ranges from about 150 Mbps to 1 Gbps. Configuring a firewall requires a detailed understanding of the network's applications and the overall IT infrastructure. To select the best firewall product, you need to know your IT infrastructure and the level of security you require. Most firewall products offer the following features.

Firewall Features

  • Monitoring inbound and outbound traffic
  • User authentication
  • Port blocking
  • Bandwidth management
  • Logging
  • NAT (Network Address Translation)
  • Antivirus
  • Spam filtering
  • URL screening
  • Web caching
  • Centralized management
  • SSL
  • VPN
  • Email security
  • Anti-spoofing (IP spoofing protection)
  • Blocking of intrusion attempts
  • Blocking of viruses, spyware and other web threats
  • HTTP filtering
  • MAC address filtering
  • Remote administration
  • Port-scan detection
  • Application monitoring
  • IP address ban list
  • Application-layer filtering


Before selecting a firewall product, consider the following:

  • Do you prefer a software or a hardware firewall?
  • How many concurrent connections do you need?
  • Do you need high availability?
  • Which VPN protocols do you want to use?
  • What level of security does your network require?
  • How many VPN tunnels do you need to run concurrently?
  • What type of user interface do you prefer?
  • Which authentication features do you need?

How to Increase Laptop security | Tips to work more securely

The security of your computer matters to the success of your company. Lost information can reveal company secrets or expose your personal information. Use these tips to learn how you can protect your computer, your laptop, and your company's network.

  • Work with your IT department

Your IT department may require you to install security software, such as a firewall, or software that helps you connect securely from remote locations. Keeping those installations current will keep your computer and your company's network as secure as possible.

  • Use strong passwords

A password protects your computer from unauthorized access, and the value of a good one is often underestimated. Weak passwords give attackers easy access to your computer or network; strong passwords are considerably harder to crack. Note that current guidance (NIST SP 800-63B) puts more weight on length and on screening candidates against lists of known breached passwords than on character-class rules, so treat the rules below as a floor rather than a guarantee.

Tips for a strong password:

  • It is at least eight characters long.
  • It does not contain your user name, real name, or company name.
  • It differs from your previous passwords: Password1, Password2, Password3 are not strong.
  • It contains characters from each of the following categories:
    • Uppercase letters
    • Lowercase letters
    • Numbers (0 through 9)
    • Symbols (!, @, #, $, %, and so on)
  • Don't enable the Save Password option

If someone else has access to your computer, require a password for every operating system and application logon instead of letting the software remember it for you.
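As an added example (not part of the original article), the following Python function applies the rules above to a candidate password: minimum length, absence of the user, real and company names, all four character categories, and a check that the candidate is not merely a previous password with its trailing digits bumped (Password1 to Password2). The names and passwords used in it are constructed.

```python
import re
import string

# Added example, not from the article: a policy checker for the rules listed above.
SYMBOLS = set(string.punctuation)


def _root(pw):
    """Strip trailing digits and lowercase, so 'Password1' and 'Password2' compare equal."""
    return re.sub(r"\d+$", "", pw).lower()


def check_password(candidate, username="", real_name="", company="", previous=()):
    """Return a list of rule violations; an empty list means the candidate passes."""
    problems = []
    if len(candidate) < 8:
        problems.append("shorter than 8 characters")

    # Reject any word of 3+ characters from the user's identifying names.
    low = candidate.lower()
    for label, value in (("user name", username), ("real name", real_name), ("company name", company)):
        for part in value.lower().split():
            if len(part) >= 3 and part in low:
                problems.append(f"contains your {label} ('{part}')")

    # All four character categories must be present.
    classes = {
        "uppercase": any(c.isupper() for c in candidate),
        "lowercase": any(c.islower() for c in candidate),
        "digit": any(c.isdigit() for c in candidate),
        "symbol": any(c in SYMBOLS for c in candidate),
    }
    missing = [name for name, present in classes.items() if not present]
    if missing:
        problems.append("missing " + ", ".join(missing))

    # Exact reuse, or the common trick of incrementing a trailing number.
    for old in previous:
        if candidate == old:
            problems.append("reuses a previous password")
        elif _root(candidate) == _root(old):
            problems.append(f"is a previous password with the digits changed ('{old}')")
    return problems


if __name__ == "__main__":
    print(check_password("Password2", username="jsmith", previous=["Password1"]))
    print(check_password("Tr0ub4dor&3x!", username="jsmith", previous=["Password1"]))
```

The digit-stripping comparison is deliberately simple; in a real system you would also compare against a breached-password list and store only hashes of previous passwords, comparing candidates by hashing them with the same salt.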

  • Lock your computer when you leave your desk

If you are going to be away from your desk, even briefly, lock your computer first.

To lock your computer:

  • On your keyboard, press CTRL+ALT+DELETE at the same time (or press the Windows key+L to lock immediately).
  • Click Lock this computer (Lock Computer if you're running Windows XP).
  • To unlock your computer, press CTRL+ALT+DELETE and enter your password.
  • Use password protection on your screensaver

To establish Windows XP screensaver password protection

  1. Right click an empty space on your desktop.
  2. Click Properties, and then the Screen Saver tab.
  3. Change Wait time to 10 minutes or less.
  4. Select On resume, password protect.
  5. Click Apply.

To establish Windows 7 screensaver password protection

  1. Right click an empty space on your desktop.
  2. Click Personalize, and then click the Screen Saver section.
  3. Change Wait time to 10 minutes or less.
  4. Select On resume, display logon screen.
  5. Click Apply.

To establish Windows Vista screensaver password protection

  1. Right click an empty space on your desktop.
  2. Click Personalize, and then click the Screen Saver section.
  3. Change Wait time to 10 minutes or less.
  4. Select On resume, password protect.
  5. Click Apply.

  • Encrypt files containing confidential or business-critical data

You keep valuable and sensitive data on your computer. You might have sensitive information about your company or clients, or your personal bank statements, on a laptop you use at home and at work. Encrypting your data keeps it as secure as possible. To help keep unauthorized people from accessing your data, even if your computer is lost or stolen, you should encrypt all sensitive data. In the Enterprise and Ultimate editions of Windows Vista and Windows 7, you can use BitLocker Drive Encryption to encrypt the entire volume. In Windows XP Professional and the Business, Enterprise and Ultimate editions of Windows Vista and Windows 7, you can use the Encrypting File System (EFS) to protect individual files and folders. We highly recommend that you learn how to encrypt a file or folder to keep it safe.


To encrypt a folder or file

  1. Right-click the folder or file you want to encrypt, and then click Properties.
  2. Click the General tab, and then click Advanced.
  3. Select the Encrypt contents to secure data check box, click OK, and then click OK again.


To decrypt a folder or file

  1. Right-click the folder or file you want to decrypt, and then click Properties.
  2. Click the General tab, and then click Advanced.
  3. Clear the Encrypt contents to secure data check box, and then click OK.
  • Don't open questionable emails

If an email message just doesn't look right, don't open it. Forward it to your IT administrator to verify before you open it or any attachment.

  • Encrypt email messages when appropriate

If you are sending confidential information, encrypt the email and any files attached to it. Only recipients who hold the private key matching the public key you encrypted with can read it, so make sure you are using the recipient's genuine public key.


Copyright ©2010 - 2019 Ciscoforall.com