«

I have a newbie question that I hope is not too elementary...I'm
trying to learn this stuff...
I installed a Cisco 806 router two years ago on my home network. I
recently needed to contact my ISP for another reason, and was told I
better check my router because it was wide open. On doing a show run,
I see <removed> after my passwords and a new username also with
<removed> after it. I am assuming someone has been able to get into my
configuration and change it. This router does not come with the
firewall option. What else can I do besides place new passwords on it?
Thanks for any help.

"Brenda" <> wrote in message
news: om...
> I have a newbie question that I hope is not too elementary...I'm
> trying to learn this stuff...
> I installed a Cisco 806 router two years ago on my home network. I
> recently needed to contact my ISP for another reason, and was told I
> better check my router because it was wide open. On doing a show run,
> I see <removed> after my passwords and a new username also with
> <removed> after it. I am assuming someone has been able to get into my
> configuration and change it. This router does not come with the
> firewall option. What else can I do besides place new passwords on it?
> Thanks for any help.

Restrict telnet access to it. Make an access list that allows only your PC's
IP to connect to the vty lines. Make the passwords difficult to guess.

"ec" <> wrote in message news:ko0ic.28442$L75.21973@fed1read06...
>
> "Brenda" <> wrote in message
> news: om...
> > I have a newbie question that I hope is not too elementary...I'm
> > trying to learn this stuff...
> > I installed a Cisco 806 router two years ago on my home network. I
> > recently needed to contact my ISP for another reason, and was told I
> > better check my router because it was wide open. On doing a show run,
> > I see <removed> after my passwords and a new username also with
> > <removed> after it. I am assuming someone has been able to get into my
> > configuration and change it. This router does not come with the
> > firewall option. What else can I do besides place new passwords on it?
> > Thanks for any help.
>
> Restrict telnet access to it. Make an access list that allows only your
PC's
> IP to connect to the vty lines. Make the passwords difficult to guess.
>
>

Might as well give an example. Say your PC's ip is 192.168.1.2. Do this on
the router:

conf t
access-list 30 permit host 192.168.1.2
line vty 0 4
access-class 30 in
exit
exit
copy run start

The 30 can be whatever is available 1-99

I THINK 806 uses IOS, if it doesn't disregard that example