To harden a router is to render it more heavily defended and more difficult to attack. Because routers (by definition) serve as points of entry into your network, it makes sense to devote extra effort to their security. Hardening Cisco Routers
shows how to make adjustments to the configurations of routers from Cisco Systems to improve their resistance to attack, particularly external attack. This is essentially a book of specialized Internetwork Operating System (IOS) commands, as well as explanations of their behavior. It'll appeal to the router administrator--employed either by an organization's internal network staff, an outside consultancy, or a service provider--who wants to know which IOS commands he or she should add to routers' configuration files to tighten their security without a lot of hassle.
The great thing about this book is that you can approach it in either of two ways. If you just want to clamp down on your routers' security weaknesses as soon as possible, you can begin with the checklists at the end of each chapter (each of which focuses on a particular area, like SMTP) or the big one in an appendix, which is comprehensive. These checklists include both "how" and "why" information, as exemplified by "Disable ICMP broadcasts with the no ip directed-broadcast command." If you want more information on the big picture, or want to prepare for a specific kind of attack, read the individual chapters for detailed advice on how to set IOS to behave as you want. --David Wall
Topics covered: Internetwork Operating System (IOS) commands you can use to protect Cisco Systems routers from a variety of attacks. Specialized sections deal with security assessment, auditing, access control, privileges, optional services, and the legal importance of your login banners' contents.
"This slim tome is a veritable gem of a book. It is written in a logical and clear style that permits reading from start to finish, but each specific section is complete in it's own right and as such it allows the reader to pick up the book and dip read satisfactorily. I learnt things from this book, and for me that is the best recommendation I can give." - Raza Rizvi, news@UK