During the Black Hat USA 2009, Felix “FX” Lindner has presented his researches concerning the exploitation of memory corruption software vulnerabilitiesin Cisco IOS.
“The goal is to map out the problem space in order to allow for the anticipation of developments in the future, as current research suggests that exploitation of such vulnerabilities in the wild [...]

Cisco Network Foundation Protection (NFP) is an umbrella strategy encompassing Cisco IOS Security features that provides the tools, technologies, and services that enable organizations to secure their network foundations. NFP helps to establish a methodical approach to protecting router planes, forming the foundation for continuous service delivery.
The router is typically segmented into three planes of [...]

In this article I would explain some tips for securing Cisco administrative access.
When creating passwords, keep these rules in mind:

Make passwords lengthy
Passwords should combine letters, numbers, and symbols. Passwords should not use dictionary words
Change passwords as often as possible

Strong passwords are the primary defense against unauthorized access to your router. The best way to manage [...]

The spanning-tree protocol is used to cut loops that redundant links create in bridge networks. These packets are not attested by the system, so an attacker could spoof the BPDU and compromise the network stability!
See below to understand BPDU attack:
In this example the Ciscozine1 switch is elected Root Bridge due to the lower MAC-address (suppose that [...]

Due to the number of CLI commands needed to manually disable services in an attempt to make the router more secure, Cisco introduced the AutoSecure feature from the Major Release 12.3 and subsequent 12.3 T.
AutoSecure is a good command for customers without special Security Operations Applications because it allows them to quickly secure their network [...]