The Problem at The Cube Farm

The Cube Farm is networked with a main router, hostname Milo, connecting the inside network 192.168.0.0 to the ISP. The serial connection between Milo and the ISP uses the 10.1.1.0 network, as shown in the topology diagram.

The Milo router uses a very basic configuration. Although a basic configuration is easy to troubleshoot, it leaves the corporate inside network open to many faults and security issues. The configuration uses the default password cisco, and service password-encryption is not enabled. Anyone who views the running configuration can therefore read the password in plain text, and the password itself is very easy for potential attackers to discover.

Using IGRP to make the internal network addresses routable by the ISP router and beyond is a serious security risk, as it gives anyone access to the internal network. With access to the internal company network, an attacker can easily gather information about the configuration topology, the networking equipment in use, and any potential security flaws, which can then be exploited more easily.

The routing protocol used between the Milo router and the ISP is IGRP, an outdated routing protocol that has been replaced by EIGRP. (The cost of IGRP between the routers is 5, which is minimal and in this case useful.) IGRP does not support classless routing, which may not be needed currently but might be needed in the future as the company grows.

There is no security on the VTY lines and no timeout on telnet access. This is the most serious issue in the configuration because it enables anyone to telnet into the router, where they could easily change the router configuration for their own benefit. Furthermore, the lack of access control lists means that there are no restrictions on the IP addresses that can telnet into the router.

In addition, SNMP community strings are enabled with read-only and read-write permission, but there is no host logging the information. One large security issue is that the SNMP community strings are very rudimentary, and discovering them could allow an attacker to change the router's configuration and compromise the network easily. Logging has been set to console, which could result in slower bandwidth because of the constant debugging and logging to the console.