This document is an informal discussion of some Cisco configuration settings
that network administrators should consider changing on their routers,
especially on their border routers, in order to improve security. This document
is about basic, "boilerplate" configuration items that are almost universally
applicable in IP networks, and about a few unexpected items of which
you should be aware.

A non-Cisco source has released a program to decrypt user passwords
(and other passwords) in Cisco configuration files. The program will
not decrypt passwords set with the enable secret command. The
unexpected concern that this program has caused among Cisco customers
has led us to suspect that many customers are relying on Cisco password
encryption for more security than it was designed to provide. This document
explains the security model behind Cisco password encryption, and the
security limitations of that encryption.

SAFE is a comprehensive security blueprint that enables organizations
to safely engage in e-business. Using a modular approach that simplifies
security design, rollout, and management as networks grow and change, SAFE
enhances networks built on Cisco AVVID (Architecture for Voice, Video and

Strategies for Attack defense, tracking or mitigation

Denial of service (DoS) attacks are common on the Internet. The
first step in responding to such an attack is to find out exactly what
sort of attack it is. Many of the commonly used DoS attacks are based on
high-bandwidth packet floods, or on other repetitive streams of packets.
This document provides insight into understanding and tracing these attacks.

It provides in-depth information regarding "smurf"
attacks, with a focus on Cisco routers and how to reduce the effects of
these attacks. Some information is general and not related to an organization's
particular vendor of choice; however, it is written with a Cisco router
focus. This document is not a confirmation of the effects of "smurf" attacks
on other vendors' equipment; however, it does contain information about

This document describes bug reporting and incident response procedures -
specifically, what to do if you are under active security attack or you believe
that you are about to be attacked, if you have a security problem with a Cisco
product, if you want to obtain technical security information about a Cisco
product, or if you have additional questions about an announced security issue
with a Cisco product. The role of the Cisco Product Security Incident Response
Team (PSIRT) in handling security incidents is explained.