Hello,
I'm trying to implement Junos hardening and I pasted what I got from the internet. Does anybody have a summary for all the easy hardening that can be done?
set system ports console log-out-on-disconnect
set auxiliary disable
set system diag-port-authentication plain-text-password
New password: <password>
Retype new password: <password>
set system pic-console-authentication plain-text-password
New password: <password>
Retype new password: <password>
Disable all unused ports
set system default-address-selection
set system no-redirects
set system internet-options no-tcp-reset drop-tcp-with-syn-only
set system internet-options tcp-drop-synfin-set
set system no-ping-record-route
set system no-ping-time-stamp
delete system services rsh
delete system services rlogin
delete system services ftp
delete system services finger
delete system services telnet
delete system services web-management http
set system services ssh protocol-version v2
set system services ssh connection-limit 10
set system services ssh rate-limit 3
set system login password format sha512
No comments:
Post a Comment