Apr
6
2009

Banner, what is that?

One of the things that usually are not implemented by the network administrator is the banner; but what and why use it?

The banner is a feature used not only on Cisco systems but also in other systems like Unix, Linux and so on. It permits to define a text that it is displayed in some cases, for example when you log in a router via SSH.

There are two main reasons to implement banner on our router/switch:

  • Banner messages should be used to warn would-be intruders that they are not welcome on your network.
  • Banner are useful to quickly identify the terminal (remember reconnaissance…).

There are five banner types:

  • banner exec
  • banner incoming
  • banner login
  • banner motd
  • banner slip-ppp

 

banner exec
To display a banner on terminals with an interactive EXEC, use the banner exec global configuration command. This command specifies a message to be displayed when an EXEC process is created (a line is activated, or an incoming connection is made to a VTY line).

banner exec d message d

banner incoming
To specify that a banner be used when you have an incoming connection to a line from a host on the network, use the banner incoming global configuration command. This banner is displayed after the MOTD banner and before the login prompts.

banner incoming d message d

banner login
To display a login banner, use the banner login global configuration command. This command specifies a message to be displayed before the username and password login prompts.

banner login d message d

banner motd
To specify a message-of-the-day (MOTD) banner, use the banner motd global configuration command.

banner motd d message d

banner slip-ppp
To customize the banner that is displayed when a user makes a SLIP or PPP connection, use the banner slip-ppp command in global configuration mode.

banner slip-ppp d message d

Note: Delimiting character of your choice—for example, a percent sign (%). You cannot use the delimiting character in the banner message.

Token functionality first appeared in Cisco IOS Releases 12.0(3)T and 11.3(7.5)AA.
Tokens are keywords of the form $(token). When you include tokens in a banner command, Cisco IOS will replace $(token) with the corresponding configuration variable.

  motd login exec incoming slip-ppp
$(hostname) YES YES YES YES YES
$(domain) YES YES YES YES YES
$(peer-ip) NO NO NO NO YES
$(gate-ip) NO NO NO NO YES
$(encap) NO NO NO NO YES
$(encap-alt) NO NO NO NO YES
$(mtu) NO NO NO NO YES
$(line) YES YES YES YES NO
$(line-desc) YES YES YES YES NO

 

References: http://www.cisco.com/…/12_0t3/feature/guide/tokenban.html