October 10th, 2005, 09:36 AM
audit checklist for 3com switches
Anyone out there has an audit checklist that covers 3COM switches?
Thank you in advance.
October 10th, 2005, 01:16 PM
Hi lorraine welcome to AO. For switches ensure the following:-
1. Change the default telnet or ssh login passwords.
2. Read the Switch manual to gaurd against active sniffing in a network.
October 10th, 2005, 02:41 PM
By default on all 3coms the stmp group public is enabled and has no password. Either disable or add a password. stmp traps are the easiest way to sniff a network fairly undected (if done right)
Edit: That's SNMP not stmp
October 10th, 2005, 03:33 PM
OK, combining suggestions from above:
1. Current BIOS version.
2. Current Firmware version
3. Manger Password (hardened)
4. Operator Pasword (hardened)
5. Change Public community to match network SNMP community
6. Password protect SNMP communities
Hmmm ... well, this should be a good start.
7. Document versions, configuration and settings.