360GRC
»    For more details mail to Support@360GRC.com
Free network self assessment

Network Vulnerability Risk Assessments

  Low Issues
1. Are your network device passwords configured for encryption in order to prevent unauthorized access?
Validate that the following command is configured:
-    service password-encryption
  
2. Do you have unnecessary or unauthorized username accounts configured on your network devices?
Validate that the following Cisco commands are NOT included in your configurations:
-    username [any username] password [string]
  
3. Do you have any well-known SNMP community strings configured? Removing them prevents unauthorized access to your network devices.
Check your configurations for well-known community strings in the following Cisco commands:
-    snmp-server community public RO [number]
  
4. Are your logs enabled for timestamps to accelerate identifying network issues?
Validate that the following Cisco commands are included in your configurations:
-    service timestamps log datetime msec localtime show-timezone
  
5. Are all unnecessary services disabled on the network devices, e.g. finger, HTTP, HTTPS, DNS, FTP, TFTP, TCP and UDP small services, Proxy ARP, IP redirects, BOOTP, BSD, IP unreachables?
Validate that the following Cisco commands are NOT enabled in your configurations:
-    ip http server
-    ip ftp username [string]
  
  Medium Issues
6. Is port security enabled on all data ports to only allow authorized workstations on the network?
Validate your configurations for the following Cisco commands. Make sure they are not missing at the interface level:
-    switchport port-security
-    switchport port-security violation [restrict]
  
7. Are incoming and outgoing sessions limited to SSH to ensure all access to network devices is encrypted?
Validate that the following Cisco commands are included at the console, auxiliary and VTY lines in your configurations:
-    transport input ssh
-    transport output ssh
  
8. Are your network devices configured to be rebooted via SNMP? This is to ensure unauthorized users cannot cause production outages.
Validate that the following Cisco command is NOT enabled in your configurations:
-    snmp-server system-shutdown
  
9. Are multiple TACACS servers used to provide redundancy?
Validate that your configurations include 2 or more instances of the following Cisco command:
-    tacacs-server host [address] key [string] single-connection
  
10. Is passive interface set to the default on your routers? This will restrict routes from learning user subnets.
Validate that the following Cisco command is included under router ospf, bgp, rip, eigrp or isis in your configurations:
-    passive-interface default
  
  High Issues
11. Is NTP authentication turned on, and matched with the trusted key to ensure only authorized packets are received with MD5 authentication?
Validate that the following Cisco commands are included in your configurations, and that the key [number] is the same in both:
-    ntp authentication-key [number] md5 [string]
-    ntp trusted-key [number]
  
12. Is SNMP v3 only being used? Version 1 or 2 of SNMP can be insecure.
Validate that the following Cisco command is included in your configurations:
-    snmp-server user [string] [string] v3 auth sha [string] priv des56 [string]
  
13. Is DTP enabled on all trunk ports? Autonegotiation should be disabled to prevent unauthorized VLANs from being trunked.
Validate that the following Cisco commands are NOT enabled on the trunk ports in your configurations:
-    switchport mode dynamic desirable
-    switchport mode dynamic auto
  
14. Is an AAA authentication method applied to all groups of lines (e.g. VTY, console, etc.), and do they match to ensure network devices are authenticated properly?
Validate that the following Cisco commands are enabled in your configurations:
-    Globally: aaa authentication login [name] group tacacs+ local-case
-    Under line console, aux or VTY: login authentication [name]
  
15. Is MD5 authentication used with your ISP to limit the number of authorized internet routes received?
Validate that the following Cisco command is not enabled under router bgp in your configurations:
-    neighbor [address] password [string]
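
Several of the checks above can be run automatically against a saved running-config. The Python below is an added example, not 360GRC's own code: it covers items 1, 3, 5, 6, 7 and 13 against a constructed sample configuration. The function names are hypothetical, and it assumes that a "data port" is any interface in access mode.

```python
import re

GLOBAL_CHECKS = [  # (checklist item, severity, regex on a global line, must be present)
    (1, "low", r"service password-encryption$", True),
    (3, "low", r"snmp-server community public\b", False),
    (5, "low", r"ip http server$", False),
]
SSH_ONLY = {"transport input ssh", "transport output ssh"}  # item 7

def parse_sections(config):
    """Map each top-level line to its indented sub-commands."""
    blocks, parent = {}, None
    for raw in config.splitlines():
        if raw[:1].isspace() and parent is not None:
            blocks[parent].append(raw.strip())
        elif raw.strip() not in ("", "!"):
            parent = raw.strip()
            blocks.setdefault(parent, [])
    return blocks

def audit(config):
    """Return sorted (item, severity, location) findings."""
    blocks = parse_sections(config)
    # re.match anchors at the start, so "no ip http server" is not a hit.
    found = {(item, sev, "global") for item, sev, rx, required in GLOBAL_CHECKS
             if any(re.match(rx, line) for line in blocks) != required}
    for parent, subs in blocks.items():
        if parent.startswith("interface "):
            # Assumption: a "data port" (item 6) is an access-mode interface.
            if "switchport mode access" in subs and "switchport port-security" not in subs:
                found.add((6, "medium", parent))
            if any(re.match(r"switchport mode dynamic (desirable|auto)$", s) for s in subs):
                found.add((13, "high", parent))  # DTP negotiation left on
        elif parent.startswith("line ") and not SSH_ONLY <= set(subs):
            found.add((7, "medium", parent))
    return sorted(found)

# Constructed sample config, not taken from a real device.
SAMPLE = """service password-encryption
no ip http server
snmp-server community public RO 10
interface GigabitEthernet0/1
 switchport mode access
 switchport port-security
interface GigabitEthernet0/2
 switchport mode access
interface GigabitEthernet0/24
 switchport mode dynamic desirable
line vty 0 4
 transport input ssh"""
```

Calling `audit(SAMPLE)` returns one finding per failed item, each with the interface or line block it was found under.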
  
Risk Environment
Manchester Benefits

»   Almost Immediate ROI
»   Reduced time to audit
»   Decreased risk footprint
»   A less burdened staff
»   More Successful results

Product

»   Identifies non-compliant
     configurations
»   Rates the severity of the risks
»   Trends the risk footprint over time
»   Provides root cause analysis and
     recommends a remediation plan to
     effectively address each risk