Securing Your Switch
Here are some basic security suggestions for network devices:
�¡ Use passwords that are not susceptible to a dictionary attack. Add
numbers or substitute numbers and symbols for letters.
�¡ Limit Telnet access using access lists.
�¡ Use SSH instead of Telnet.
�¡ Physically secure access to the device.
�¡ Use banners that warn against unauthorized access.
�¡ Remove unused services, such as finger, the TCP and UDP small
servers, service config, and HTTP server.
�¡ Set up and monitor Syslog.
�¡ Disable automatic trunking on all nontrunk ports.
�¡ Disable CDP on ports where it is not needed.