ccp security audit hates you…

what ccp hates about you:

CPSecurityAuditReportCard

how ccp will pretend to be your friend:

CDP will be disabled
TCP Keepalives for inbound telnet sessions will be enabled
TCP Keepalives for outbound telnet sessions will be enabled
Sequence Numbers and Time Stamps on Debugs will be enabled
Minimum Password length will be set for 6 characters or more
Authentication Failure Rate will be set for 3 retries
TCP Synwait time will be set to 10 sec
Banner will be set
Logging will be enabled
Scheduler Allocate will be set
Telnet settings will be enabled
NetFlow switching will be enabled
IP Redirects will be disabled
IP Unreachables will be disabled
IP Unreachables will be disabled on NULL interface
Unicast RPF will be enabled on all outside interfaces
Firewall will be enabled on all outside interfaces
Access class will be set on HTTP server service

do not turn off ip proxy-arp or your vpn won’t work…