Saturday, 30 May 2009

Be Careful with Your Routers on HTTP Access


Before going through the problem, the following terms should be understood first:

What is HTTP?

-> HTTP stands for Hypertext Transfer Protocol. It is an application-level protocol for distributed, collaborative, hypermedia information systems. Its use for retrieving inter-linked resources led to the establishment of the World Wide Web. HTTP uses port 80 as its default port. You can see this in a web browser: my Network Security blog's address, for example http://NetworkSecurityNotes.blogspot.com, is browsed using the HTTP protocol. You can also enter the address with the port in the browser's address bar, for example http://NetworkSecurityNotes.blogspot.com:80, and it will still be redirected to http://NetworkSecurityNotes.blogspot.com. That is because port 80 is HTTP's default port.

What About HTTP Access?

-> Here is a short definition of HTTP access: it is the process of gaining access by using the HTTP protocol.

Why do you need to be careful with HTTP access on routers?

Routers running Cisco IOS software are equipped with a Web browser user interface that allows you to issue commands to the router via the Web interface. The Web browser user interface can be customized and tailored to your business environment. The HTTP server is disabled by default; when it is enabled, it introduces some new security vulnerabilities into your network. When enabled, the HTTP server function gives all client devices with logical connectivity to the router the ability to monitor or modify the configuration of the router. All that needs to reside on the client is a software package that interprets packets on port 80. This is obviously a major security issue. So the main concern with HTTP access is the security vulnerabilities introduced when the HTTP server is enabled on routers.

So, how do you take control of these security vulnerabilities?

The router software allows you to change the default port (port 80) that the HTTP server is running on. You can also configure an access list of specific hosts that are allowed Web access to the router and apply the access list to the HTTP server. Authentication of each user provides better security if you elect to use the router's HTTP server functions. Authentication can take place by one of four different methods:
> AAA: Commonly stands for "Authentication, Authorization and Accounting".
> Enable: Indicates that the configured enable password is used for authentication. This is the default authentication method.
> Local: Indicates that the locally configured security database is used for authentication.
> TACACS+: Stands for Terminal Access Controller Access-Control System Plus, a protocol that provides access control for routers, network access servers and other networked computing devices via one or more centralized servers. This option indicates that the Terminal Access Controller Access system is used for authentication.
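
The three controls above (non-default port, an access list applied to the HTTP server, and an explicit authentication method) can be checked mechanically in a saved configuration. The script below is an added example, not code from the original post or from Cisco; the function name, finding labels, and both configuration excerpts are constructed for illustration, and it assumes the classic numbered form of `ip http access-class`.

```python
import re

# Constructed running-config excerpts (not from a real device).
WEAK = "ip http server\n"
HARDENED = """
username netadmin secret <placeholder>
ip http server
ip http port 8080
ip http access-class 10
ip http authentication local
access-list 10 permit host 192.0.2.10
access-list 10 permit host 192.0.2.11
"""

def audit_http_server(config):
    """Return a list of findings for the IOS HTTP server settings."""
    lines = [ln.strip() for ln in config.splitlines() if ln.strip()]
    if "ip http server" not in lines:
        return []  # server not enabled: nothing to review
    findings = []

    def setting(pattern, default=None):
        for ln in lines:
            m = re.fullmatch(pattern, ln)
            if m:
                return m.group(1)
        return default

    if setting(r"ip http port (\d+)", "80") == "80":
        findings.append("default-port")
    acl = setting(r"ip http access-class (\S+)")
    if acl is None:
        findings.append("no-access-class")
    else:
        entries = [ln for ln in lines if ln.startswith(f"access-list {acl} ")]
        if not entries:  # referenced list has no entries in this config
            findings.append("access-class-undefined")
        elif any(re.search(r"\bpermit any\b", e) for e in entries):
            findings.append("access-class-permits-any")
    # With no explicit method, the enable password (one shared secret) is used.
    if setting(r"ip http authentication (\S+).*", "enable") == "enable":
        findings.append("shared-enable-password")
    return findings

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_http_server(cfg) or "no findings")
```

The hardened excerpt doubles as a sample of the router-side commands for each control; named access lists are not parsed by this check.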
