Cisco “Confidential” files exposed due to “SMBITINABOX” data breach, risking $49 billion in sensitive Cisco trade secrets

Security Access News

An independent security researcher discovered that an archive of files from Cisco websites on the company's internal network is currently accessible through Google. The following link shows the thousands of files accessed via Google: (Cisco Confidential thousands of files accessible) (2017). Private investigations found this to be the result of an incorrect security setting following system maintenance on internal Cisco servers. The setting is currently still not corrected, and user passwords to the site were also retrieved, which would allow a crafty hacker to gain access, because the confidential documents can be reached from the outside world. Cisco takes its responsibility to protect information seriously, and many people on the internal Cisco network use these confidential trade-secret documents to win business over competitors. Many tutorials are available on the internet, and even a typical CCNA or CCIE Cisco-certified professional should be able to make sense of this major flaw.

Anti-hacking (password-guessing) features on your FTP server should be enabled. Your FTP server should have a setting for how many invalid password attempts can be made before the user (or program) is locked out. Ideally, this should be set at about, but no higher than this makes the time between attempts much longer and reduces the likelihood of password guessing.

Anti-hammering features should also be enabled. This helps to prevent Denial of Service (DoS) attacks. A DoS attack makes a server unavailable to its users by using a program to saturate the target server with communication requests, keeping the server so busy that it cannot process legitimate file transfer requests. Your FTP server should have a setting for the maximum number of requests per second that the server will allow. The minimum setting should be about 40 connections per second. If you have very high traffic to your server, you may want to set this number a bit higher so that you don't lock out legitimate traffic. Setting it lower makes the server more secure but increases the risk of blocking actual user requests. It is important to consider this balance carefully, and to look at your FTP server log files to determine normal usage ranges.

Disable anonymous access, or use it with extreme caution. Many FTP servers actually have a user named “anonymous.” If you use anonymous access, make sure that this user is locked into its home directory and has read-only privileges. Even then, logging in as anonymous may let the user determine which port you use for FTP and which version of the FTP server software you are running, and it is then easy to research whether any security vulnerabilities exist in that version. The best practice, if you need to offer downloads through anonymous access, is to put those files on a dedicated FTP server that sits outside your DMZ.

As for damages to be sought, or where to place blame for the “SMBITINABOX” data breach (link: (SMBITINABOX)), that is to be determined by the Federal Supreme Court or whichever jurisdiction the case is tried in.
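The log review recommended above, as an added example that is not part of the original article: it measures the busiest second of connections, to compare against the per-second limit, and lists clients whose failed logins exceed a lockout threshold within a time window. The log format, the function names and the threshold values passed in are assumptions, and the sample lines are constructed.

```python
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log in a hypothetical "timestamp EVENT client_ip" format.
SAMPLE_LOG = """\
2017-03-01T10:00:01 FAIL_LOGIN 198.51.100.7
2017-03-01T10:00:05 CONNECT 203.0.113.9
2017-03-01T10:00:05 CONNECT 203.0.113.9
2017-03-01T10:00:05 CONNECT 192.0.2.44
2017-03-01T10:00:06 FAIL_LOGIN 203.0.113.9
2017-03-01T10:00:07 FAIL_LOGIN 203.0.113.9
2017-03-01T10:00:08 FAIL_LOGIN 203.0.113.9
2017-03-01T10:00:09 FAIL_LOGIN 203.0.113.9
2017-03-01T10:00:10 FAIL_LOGIN 192.0.2.44
2017-03-01T10:05:10 FAIL_LOGIN 192.0.2.44
2017-03-01T10:10:10 FAIL_LOGIN 192.0.2.44
2017-03-01T10:15:10 FAIL_LOGIN 192.0.2.44
"""

def parse(log):
    """Yield (timestamp, event, client_ip) for each well-formed line."""
    for line in log.splitlines():
        parts = line.split()
        try:
            ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%S")
            yield ts, parts[1], parts[2]
        except (IndexError, ValueError):
            continue  # skip blank or malformed lines instead of aborting

def peak_connections_per_second(log):
    """Busiest one-second bucket of CONNECT events: the normal-usage baseline."""
    per_second = Counter(ts for ts, event, _ in parse(log) if event == "CONNECT")
    return max(per_second.values(), default=0)

def lockout_candidates(log, max_failures, window_seconds):
    """Clients with more than max_failures FAIL_LOGIN events inside the window."""
    recent, flagged = defaultdict(deque), set()
    window = timedelta(seconds=window_seconds)
    for ts, event, ip in parse(log):  # assumes lines are in chronological order
        if event != "FAIL_LOGIN":
            continue
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:  # drop failures that fell out of the window
            q.popleft()
        if len(q) > max_failures:
            flagged.add(ip)
    return sorted(flagged)
```

With a short window only the rapid guesser is listed; widening the window also surfaces the client that spaces its failures minutes apart, which is the trade-off to check before fixing a lockout value.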



