This challenge involves the configuration of security of a router. The objectives of this challenge are to:
> enable # config t (config)# username fred password bert (config)# username test nopassword (config)# username fred privilege 15+ (config)# username test privilege 1 (config)# username test user-maxlinks 2 (config)# access-list 9 permit host 192.168.0.1 (config)# username fred access-class 9
The privilege levels go from level 0 to level 15, such as:
Typical 1 commands are:
access-enable Create a temporary Access-List entry clear Reset functions connect Open a terminal connection disable Turn off privileged commands disconnect Disconnect an existing network connection enable Turn on privileged commands exit Exit from the EXEC help Description of the interactive help system lock Lock the terminal login Log in as a particular user logout Exit from the EXEC name-connection Name an existing network connection ping Send echo messages rcommand Run command on remote switch resume Resume an active network connection show Show running system information systat Display information about terminal lines telnet Open a telnet connection terminal Set terminal line parameters traceroute Trace route to destination tunnel Open a tunnel connection where List active connections
Thus:
(config)# username fred privilege 15 (config)# username test privilege 1
sets the maximum privilege level for fred at 15, while test will only be able to enter the non-privileged mode. Also:
(config)# access-list 9 permit host 192.168.0.1 (config)# username fred access-class 9
restricts the access for fred to a single host (192.168.0.1), so that the user will not be able to log-in from any other host. The following:
(config)# username test user-maxlinks 2
restricts the number of connections for test to two.