On Mon, 12 Dec 2011 13:38:00 +0000
Kevin Chadwick wrote:

> Hard to recall but I'll try to list them
> somewhere as they come to me now.


Here's one example that's just come to me and that I configured but
never put in production. I acquired a free and supposedly good Cisco
router. I configured it and disabled the web server router
advertisements and all the other stuff it spits out by default that I
had no need for. Later an exploit in those very communications,
gratifying but no risk avoidance. Cisco have also had exploits in ipv6
and in other cheaper devices, default web root passwords etc..

Unless you need the performance I really wouldn't go near Cisco any
more. My cousin uses sonicwall, atleast one model uses assembly to speed
it up, which I'd look at in that case. Cisco's Senderbase use some dumb
mail reputation rules too, probably because I think it's a middle man
without the whole picture.