6/18/08

Router Rooter

I've praised the Radio Free Security, Watchguard's security podcast, before. The June offering included Dave Piscitello on how to "Prevent Domain Hijacking." The basic idea is that "Router-based rootkit shows some old attacks are new again." It reminded me of a column I did for WatchGuard in 2002! As Scott Pinzon writes on their blog page
Attacks on routers are not new. Before Trojan horse and virus attacks became so devilishly easy to launch, attacks against the basic protocols in the Internet were accomplished through routers and their undying and exact support of those protocols, built-in weaknesses and all. And if you appreciate that last sentence, you may want to read the article that I stole it from. Fred Avolio's concise steps toward "Basic IP Router Security" was written in 2002, yet … every word is still useful today. If you were ordered to harden your routers, would you know what that means, and more importantly, what to do? Check out Fred's article, which is suitable no matter what brand of router you use. Then, for extra credit, take a look at the Cisco paper, "Guide to Harden Cisco IOS Devices."

No comments: