Cisco's site is pretty big to find anything for a newbie. If you can implement all the recommendations here:
http://www.dhs.gov/interweb/assetlibrary/NIAC_HardeningInternetPaper_Jan0 5.pdf your way ahead of most networks. Ted >-----Original Message----- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED] Behalf Of Chuck Swiger >Sent: Thursday, February 09, 2006 4:41 AM >To: Mark Jayson Alvarez >Cc: freebsd-questions@freebsd.org >Subject: Re: need some advice on our cisco routers.. > > >Mark Jayson Alvarez wrote: >>> We have a couple of cisco routers. There was one time when >suddenly we cannot >> login remotely via telnet. I investigate further and was >shocked when I found >> out that there where 16 telnet connections coming from >outsiders ip addresses. I >> immediately called our Director(the only cisco certified guy >in the office) and >> he begin kicking each of the telnet connections one by one. >He then replaced >> every "secret/password" and deleted all unnecessary local >accounts. However, >> we're still wondering how those hackers got into the system. >Now this cisco's >> aaa is default to a radius server. Since then, outsiders have >gone away.. >> Perhaps the hackers got one of the router's local accounts, >and trying to brute >> force their way to enable mode. > >Did you keep careful logs of who was connecting from where so >someone could >start tracking things down? Have you contacted your local >police and FBI, or >whatever the local equivalent is? (Don't bother unless you can >claim more than >$2000 or so in damages, however.) > >Most importantly, have you contacted Cisco? Asking for >security advice about >their routers here is not the right place to gain such >information. cisco.com's >got a large, informative site.... > >-- >-Chuck >_______________________________________________ >freebsd-questions@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-questions >To unsubscribe, send any mail to >"[EMAIL PROTECTED]" > >-- >No virus found in this incoming message. >Checked by AVG Free Edition. >Version: 7.1.375 / Virus Database: 267.15.3/254 - Release Date: 2/8/2006 > _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"