Cisco® Secure Internet Security Solutions

Recommended Minimum IOS Security Settings

This section deals with the basic minimum configurations that all enterprises should employ on their routers. Although some of the commands explained in this section are disabled by default, the administrator is urged to deny specifically those services and routes that are not needed. The following topics are covered:

Denying RFC 1918 routes
UDP and TCP servers
Finger service
IP unreachables
ICMP Redirect messages
Directed broadcasts
Proxy Address Resolution Protocol (ARP)
IP Unicast
IP source routing

Denying RFC 1918 Routes

All border routers within a company that is concerned with security should have some specific routes denied. RFC 1918 defines the ranges of IP addresses available for use on the Internet, ...

Get Cisco® Secure Internet Security Solutions now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Cisco® Secure Internet Security Solutions by Mark Newcomb, Andrew Mason

Recommended Minimum IOS Security Settings

Denying RFC 1918 Routes

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly