Banners

Banners can be set so that an administrator can warn users or relay information to users when they log onto the router. Type in the banner command, then see what is available. In this example we will create a message of the day banner. So type in motd #, not what is the pound sign for you might ask, the pound sign is the delimiting character, which means that when I am finished typing the message I use the pound sign to signify that I am finished typing the banner.

Router(config)#banner ?

LINE      c banner-text c, where 'c' is a delimiting character
exec      Set EXEC process creation banner
incoming  Set incoming terminal line banner
login     Set login banner
motd      Set Message of the Day banner

Router(config)#banner motd ?

LINE  c banner-text c, where 'c' is a delimiting character

Router(config)#banner motd # Enter TEXT message. End with the character ‘#’. Unauthrorized access prohibited!! You will be prosecuted!!#

Now exit out of the router, then log back in. You should see the banner that you created.

Press RETURN to get started.

Unauthrorized access prohibited!! You will be prosecuted!! Router> Router>enable

In this example I have created the user exec mode and privileged mode passwords. A network adminsitrator will wan to create these passwords so that not anybody can access the router and get in. Later I a will show you how to encrypt the passwords. Notice how the enable secret password and the enable password cannot be the same. Make sure that they are different for security purposes.

Router#config Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line. End with CNTL/Z. Router(config)#enable secret cisco Router(config)#enable password cisco The enable password you have chosen is the same as your enable secret. This is not recommended. Re-enter the enable password.

In the first line I have created a password to get into the global configuration mode. Now we have set a password at each step of accessing the configuration files of the router. A user can also set passwords for each interface.

Router(config)#enable password cisco1 Router(config)# # #line con 0 Router(config-line)#login Router(config-line)#password cisco

In this example I wanted to see what commands are available at this step. Take a look through them. Some of these we will use in later steps.

Router(config-line)#? Line configuration commands:

absolute-timeout            Set absolute timeout for line disconnection
access-class                Filter connections based on an IP access list
activation-character        Define the activation character
autocommand                 Automatically execute an EXEC command
autohangup                  Automatically hangup when last connection closes
autoselect                  Set line to autoselect
data-character-bits         Size of characters being handled
databits                    Set number of data bits per character
default                     Set a command to its defaults
disconnect-character        Define the disconnect character
dispatch-character          Define the dispatch character
dispatch-machine            Reference a TCP dispatch state machine
dispatch-timeout            Set the dispatch timer
domain-lookup               Enable domain lookups in show commands
editing                     Enable command line editing
escape-character            Change the current line's escape character
exec                        Start an EXEC process
exec-banner                 Enable the display of the EXEC banner
exec-character-bits         Size of characters to the command exec
exec-timeout                Set the EXEC timeout
exit                        Exit from line configuration mode

–More– ######### ######### flowcontrol Set the flow control –More– ######### ######### flush-at-activation Clear input stream at activation

full-help                   Provide help to unprivileged user
help                        Description of the interactive help system
history                     Enable and control the command history function
hold-character              Define the hold character
insecure                    Mark line as 'insecure' for LAT
ip                          IP options
length                      Set number of lines on a screen
location                    Enter terminal location description
lockable                    Allow users to lock a line
logging                     Modify message logging facilities
login                       Enable password checking
logout-warning              Set Warning countdown for absolute timeout of
                            line
modem                       Configure the Modem Control Lines
monitor                     Copy debug output to the current terminal line
motd-banner                 Enable the display of the MOTD banner
no                          Negate a command or set its defaults
notify                      Inform users of output from concurrent sessions
ntp                         Configure NTP
padding                     Set padding for a specified output character
parity                      Set terminal parity
password                    Set a password

–More– ######### ######### private Configuration options that user can set will

                            remain in effect between terminal sessions
privilege                   Change privilege level for line
refuse-message              Define a refuse banner
rotary                      Add line to a rotary group
rxspeed                     Set the receive speed
script                      specify event related chat scripts to run on the
                            line
session-disconnect-warning  Set warning countdown for session-timeout
session-limit               Set maximum number of sessions
session-timeout             Set interval for closing connection when there is
                            no input traffic
special-character-bits      Size of the escape (and other special) characters
speed                       Set the transmit and receive speeds
start-character             Define the start character
stop-character              Define the stop character
stopbits                    Set async line stop bits
telnet                      Telnet protocol-specific configuration
terminal-type               Set the terminal type
transport                   Define transport protocols for line
txspeed                     Set the transmit speeds
vacant-message              Define a vacant banner
width                       Set width of the display terminal

–More– ######### #########

After exciting out of the line command I went back in to explore the line aux command. Notice how when I use the ? command the option is only zero. This is the same with the console command and the v t y command, zero is the only option on all of these. I went ahead and entered in passwords for each of these interfaces.

Router(config-line)#exit Router(config)#line aux ?

<0-0>  First Line number

Router(config)#line aux 0 Router(config-line)#login Router(config-line)#password cisco Router(config-line)#^Z Router# %SYS-5-CONFIG_I: Configured from console by console Router#config ti# # Enter configuration commands, one per line. End with CNTL/Z. Router(config)#line vty 0 Router(config-line)#password cisco Router(config-line)#login Router(config-line)#^Z

Choose Your Path

Linux Tips

Contact Us

BeginLinux.com
(407)-620-4092
mike at beginlinux.com

Sign up and gets tips in your email

Banners

Installation

Appearance

Desktop

Network

Security

Ubuntu Terminal

Other

Desktop

Firewall

Appearance

Other

Desktop

Other

Desktop

Other

Desktop

Appearance

Multimedia

Sharing

Other

Desktop

Other

Desktop

Other

Desktop

Other

A-F

G-M

O-Z

Ubuntu Servers

Web Server

FTP Server

LDAP

CentOS Servers

Postfix

Sendmail

DNS

Nagios

LVM

Hardware

Virtualization

Other

Firewalls

Server Security

VPN

Security Tools

Wireshark

Encryption

Other

Local Area Network

Wide Area Network

Cisco routers

Access Lists

Other

Choose Your Path

Linux Tips

Desktop

WINDOWS-TO-LINUX

LINUX ADMIN

Contact Us