David’s Cisco Networking Blog

Oct 9 2007   8:19PM GMT

Common Sense is sometimes all it takes to protect your network from attackers

David Davis David Davis Profile: David Davis


In a recent Information Week article, “A Crook Comes Clean“, a conviced malicious hacker admitted to helping a crime organization hack into companies networks and steal resources like thousands of minutes of free VoIP usage. One of the most obvious statements he made was this:

“it would have been easy for IT and security managers to detect him-if they’d been looking. “If they were just monitoring their boxes and keeping logs, they could easily have seen us logged in there,” he said. “If they had intrusion-detection systems set up, they could have easily seen that these weren’t their calls.”

IT technicians also could have set up access lists, telling their networks to allow only their own IP addresses to get in. “We came across only two or three boxes that actually had access lists in place,” Moore added. “The telecoms that we couldn’t get into had access lists or boxes that we couldn’t get into because of strong passwords.”

I think that this is a good reminder for us all to follow the basic security practices to secure our network. To me, this is as simple as what you should be doing to secure your data center physically – locks on the doors, no windows, strong doors, controlled access, etc.

I have published a number of articles and videos on how to secure your network. For example, here is a video on securing your router using IOS Access-Lists (ACL): FREE VIDEO: Harden your Cisco Router with IOS ACLs

Additionally, SANS has a great document on securing your network:SANS: Cisco Router Hardening Step by Step


  1. change default passwords & use complex passwords
  2. use protocols that are secure (no http and telnet to manage routers)
  3. password protect all entrances to the router and routing protocols
  4. Apply ACL on your router to control management access and prevent spoofing
  5. Use a firewall (in the router or a stand-alone box) to control inbound and outbound network access to and from the Internet

So much of security is just common sense and taking time to apply it.

Have a great day!

David Davis, CCIE

Personal Website: HappyRouter.com – home of Cisco how-to articles & videos
David Recommends:
HappyRouter Cisco CCNA & CCNP Video Training Series
Cirro – Quote Telecom Internet, Voice, and Data T1 circuits from an unbiased source

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: