[134832] in North American Network Operators' Group
Re: Cisco Sanitization
daemon@ATHENA.MIT.EDU (John Orthoefer)
Wed Jan 12 09:58:37 2011
From: John Orthoefer <jco@direwolf.com>
In-Reply-To: <DD17DCA4DBB14A44870126211203BE9D021FA424E6EA@CHNMICMBX02.ManTech.com>
Date: Wed, 12 Jan 2011 09:58:24 -0500
To: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Really the only way to to clean devices with flash is to destroy the =
flash. At a very least you'll need to reflash them with the current =
OS. =20
Here is a copy of the DOD Guidelines for every thing...
http://it.ouhsc.edu/policies/documents/infosecurity/DoD_5220.pdf
The flash answer is to use something to write to EVERY address, then =
erase, or just pulverize it.
johno
On Jan 12, 2011, at 9:41 AM, Green, Timothy wrote:
> Hey all!
>=20
> I'm currently creating a sanitization guide for all my hardware. When =
I got to my Cisco devices I noticed there are numerous ways to reset =
them back to the default and clear the NVRAM. Does anyone have a guide =
that includes sanitization information for all Cisco devices(at least =
switches, routers, IDS's, and ASA 5500 Series) so I don't have to =
recreate the wheel?
>=20
> Thanks,
>=20
> Tim
>=20
>=20
