This document is an informal discussion of some Cisco configuration settings that network administrators should consider changing on their routers, especially on their border routers, in order to improve security. This document is about basic, "boilerplate" configuration items that are almost universally applicable in IP networks, and about a few unexpected items of which you should be aware.
A non-Cisco source has released a program to decrypt user passwords (and other passwords) in Cisco configuration files. The program will not decrypt passwords set with the enable secret command. The unexpected concern that this program has caused among Cisco customers has led us to suspect that many customers are relying on Cisco password encryption for more security than it was designed to provide. This document explains the security model behind Cisco password encryption, and the security limitations of that encryption
SAFE is a comprehensive security blueprint that enables organizations to safely engage in e-business. Using a modular approach that simplifies security design, rollout, and management as networks grow and change, SAFE enhances networks built on Cisco AVVID (Architecture for Voice, Video and Integrated Data).
Strategies for Attack defense, tracking or mitigation
Denial of service (DoS) attacks are common on the Internet. The first step in responding to such an attack is to find out exactly what sort of attack it is. Many of the commonly used DoS attacks are based on high-bandwidth packet floods, or on other repetitive streams of packets. This document provides insight into understanding and tracing these attacks.
It provides in-depth information regarding "smurf" attacks, with a focus on Cisco routers and how to reduce the effects of these attacks. Some information is general and not related to an organization's particular vendor of choice; however, it is written with a Cisco router focus. This document is not a confirmation of the effects of "smurf" attacks on other vendors' equipment; however, it does contain information about various vendors.
This document describes bug reporting and incident response procedures - specifically, what to do if you are under active security attack or you believe that you are about to be attacked, if you have a security problem with a Cisco product, if you want to obtain technical security information about a Cisco product, or if you have additional questions about an announced security issue with a Cisco product. The role of the Cisco Product Security Incident Response Team (PSIRT) in handling security incidents is explained.