Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Harden internet router

Hi,

I want to harden my internet router.

Any link on this.

I cheked few links and find out that RFC 1918,3380 address to be blocked on externla int.

There is one entry like

access-list 101 deny ip host 0.0.0.0 any

&

access-list 101 deny ip host 255.255.255.255.any.

What is this host in the command.My internet router or something else.What should I use here..

And how these acl will work?

Reg,

Sushil

6 REPLIES
Hall of Fame Super Blue

Re: Harden internet router

Sushil

host 0.0.0.0 & host 255.255.255.255 are host addresses you should never see so you are safe to deny them.

There are some very good papers on hardening devices, have a look at these two

1) Cisco document on hardening routers

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080120f48.shtml

2) A non-Cisco doc from the sans.org website.

http://www.sans.org/reading_room/whitepapers/firewalls/cisco_router_hardening_stepbystep_794?show=794.php&cat=firewalls

Jon

Bronze

Re: Harden internet router

New Member

Re: Harden internet router

Thanks Jon for your response.

Hall of Fame Super Gold

Re: Harden internet router

Hey Jon,

Thanks for the link. Check out this proviso: "Reposting is not permited without express written permission."

He he he ...

Super Bronze

Re: Harden internet router

Not as good as some of the links the other posters provided, however you might also want to try SDM's (Cisco Router and Security Device Manager) security audit againt your router (if your device is supported).

More info: http://www.cisco.com/en/US/products/sw/secursw/ps5318/index.html

New Member

Re: Harden internet router

Hi,

Can Someone help on how to harden or secure Switch which is connected to Internet.

Multiple ISP links are terminated on the switch...

526
Views
4
Helpful
6
Replies