One thing network administrators often do not configure is the banner. What is it, and why use it?
The banner is a feature found not only on Cisco systems but also on other systems such as Unix and Linux. It lets you define text that is displayed in certain situations, for example when you log in to a router via SSH.
There are two main reasons to implement a banner on a router or switch:
- Banner messages should be used to warn would-be intruders that they are not welcome on your network.
- Banners are useful to quickly identify the terminal (remember reconnaissance…).
There are five banner types:
- banner exec
- banner incoming
- banner login
- banner motd
- banner slip-ppp
banner exec
To display a banner on terminals with an interactive EXEC, use the banner exec global configuration command. This command specifies a message to be displayed when an EXEC process is created (a line is activated, or an incoming connection is made to a VTY line).
banner exec d message d
banner incoming
To specify that a banner be used when you have an incoming connection to a line from a host on the network, use the banner incoming global configuration command. This banner is displayed after the MOTD banner and before the login prompts.
banner incoming d message d
banner login
To display a login banner, use the banner login global configuration command. This command specifies a message to be displayed before the username and password login prompts.
banner login d message d
banner motd
To specify a message-of-the-day (MOTD) banner, use the banner motd global configuration command.
banner motd d message d
banner slip-ppp
To customize the banner that is displayed when a user makes a SLIP or PPP connection, use the banner slip-ppp command in global configuration mode.
banner slip-ppp d message d
Note: d is a delimiting character of your choice, for example a percent sign (%). You cannot use the delimiting character in the banner message.
Token functionality first appeared in Cisco IOS Releases 12.0(3)T and 11.3(7.5)AA.
Tokens are keywords of the form $(token). When you include tokens in a banner command, Cisco IOS will replace $(token) with the corresponding configuration variable.
Token | motd | login | exec | incoming | slip-ppp |
$(hostname) | YES | YES | YES | YES | YES |
$(domain) | YES | YES | YES | YES | YES |
$(peer-ip) | NO | NO | NO | NO | YES |
$(gate-ip) | NO | NO | NO | NO | YES |
$(encap) | NO | NO | NO | NO | YES |
$(encap-alt) | NO | NO | NO | NO | YES |
$(mtu) | NO | NO | NO | NO | YES |
$(line) | YES | YES | YES | YES | NO |
$(line-desc) | YES | YES | YES | YES | NO |
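
An added example (not from the original post or from Cisco): a Python check that extracts banner blocks from IOS configuration text, compares each $(token) against the table above, and reports a missing login banner. The function names and the sample configuration are constructed for illustration, and the flag on $(hostname)/$(domain) in the motd and login banners is this example's own policy.

```python
import re

# Token support per banner type, transcribed from the table on this page.
ALL = {"motd", "login", "exec", "incoming", "slip-ppp"}
TOKENS = {t: ALL for t in ("hostname", "domain")}
TOKENS.update({t: {"slip-ppp"} for t in ("peer-ip", "gate-ip", "encap", "encap-alt", "mtu")})
TOKENS.update({t: ALL - {"slip-ppp"} for t in ("line", "line-desc")})

HEAD = re.compile(r"^banner (motd|login|exec|incoming|slip-ppp) (\^C|\S)(.*)$")

def parse_banners(config):
    """Return {banner_type: message}; the delimiter is one character, or ^C as running-config shows it."""
    banners, kind, delim, buf = {}, None, None, []
    for line in config.splitlines():
        if kind is None:
            m = HEAD.match(line)
            if not m:
                continue
            kind, delim, line, buf = m.group(1), m.group(2), m.group(3), []
        end = line.find(delim)
        buf.append(line if end == -1 else line[:end])
        if end != -1:  # closing delimiter reached
            banners[kind] = "\n".join(buf).strip()
            kind = None
    return banners

def audit(config):
    """Return findings for a config: unsupported tokens and a missing login banner."""
    banners, findings = parse_banners(config), []
    for kind, text in banners.items():
        for tok in re.findall(r"\$\(([\w-]+)\)", text):
            if kind not in TOKENS.get(tok, set()):
                findings.append(f"{kind}: $({tok}) not supported in this banner type")
            elif kind in ("motd", "login") and tok in ("hostname", "domain"):
                # Assumed policy of this example: these banners are shown before login.
                findings.append(f"{kind}: $({tok}) identifies the device before login")
    if "login" not in banners:
        findings.append("login: no banner configured")
    return findings

# Constructed sample configuration (not from a real device).
SAMPLE = """hostname edge-rtr-01
banner motd % Maintenance window Sunday 02:00 on $(hostname) %
banner exec ^C
Line $(line) MTU $(mtu)
^C
"""

print("\n".join(audit(SAMPLE)))
```
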
References: http://www.cisco.com/…/12_0t3/feature/guide/tokenban.html