- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
Securing the Cisco Local Director
- Abstract
- A major risk of implementing network appliance load balancers can be the default or improperly configured network services on the device itself. Most load balancers have at least one interface in the same subnet as the Web servers for which they balance the load. If this interface, for example, is configured to run an SNMP server with a default or easily guessable read-write community string, and a hacker was to exploit the one vulnerable system mentioned above, chances are it would only be a matter of time until this hacker gains control of the load balancer as well. Thus, these appliances, alone, can be just as vulnerable as any other improperly configured system on a TCP/IP network. This paper documents specific implementation steps required to secure a well-known, widely implemented network appliance load balancer: The Cisco LocalDirector.