Version 2.0.1

Start Here - Border Router Security Tool (BRST)

"Securing the Internet one router at a time."

Steps to successfully using the BRST

A guide to preparing for and using the BRST to successfully create and load a the secure configuration file.

The Border Router Security Tool (BRST) is a free, open source, web based utility which asks for some information about your router and generates a recommended secure configuration file when you submit the information.

  • Step 1: Create a backup file of the router's current configuration.
    • Step 1a: Making a backup file of the router's current configuration:
    • Step 1b: In your terminal emulation software, start a log file capture, then do a show run. Save the file created (Be sure to name the file with a .txt extension and save it to a location you'll remember).
    • Step 1b1: If using TeraTerm, go to File, then Log in the menu. (Remember where you saved it and the name).
    • Step 1b2: Make sure you're captured your entire configuration file.
    • Step 1c: When using this method of backing up, you will have --more-- several times in the captured file. You will have to delete the lines that say --more-- before reusing the configuration.
    • Step 1d: Depending on what you typed while doing this, you may also have additional text or output to remove at the top and bottom of the configuration.
  • Step 2: Test that your backup configuration file works (complete steps 8 through 16 below with your existing configuration file prior to continuing).
  • Step 3: Enter the information requested in the Normal or Advanced web form then click [Submit].
  • Step 4: In your browser, select the text from the !Start Copying Config File Here! to the !Stop Copying Config File Here! labels.
  • Step 5: Copy the selected text to the Windows, or Linux clipboard by right clicking and selecting "copy" or hitting Ctrl-C.
  • Step 6: Open Notepad or the text editor or your choice and copy the contents into the text file.
  • Step 7: Save a copy of the text file in a safe place, preferably in a place where it is backed up to backup media.
  • Step 8: Clear your configuration by being in configure mode and typing write erase then reload.
  • Step 9: Select and copy the contents of the text file to the Windows or Linux clipboard again, unless it's still there from before.
  • Step 10: Open a terminal emulator such as Putty or TeraTerm and connect to your router via the Console port.
  • Step 11: Once connected, paste the generated configuration file directly into the console.
  • Step 12: Watch for any errors during the copying of the configuration file.
  • Step 13: If there were no errors, type wr mem (write memory), or use the "official" command copy running-configuration startup-configuration and hit <enter>. You're done!
  • Step 14: If there were errors, read them and search for answers (Google is your friend).
  • Step 15: If the errors don't impact the functionality or security of your router, do Step: 13 above.
  • Step 16: If the errors are serious, or your router won't function without resolving them, copy your original configuration file back onto the router, and try again when you find a solution.

Disclaimer and Licensing

The "fine print."

This software is not sponsored by, endorsed by or affiliated with Cisco Systems, Inc. Cisco, Cisco Systems, and IOS are registered trademarks of Cisco Systems, Inc. in the USA and certain other countries. All other trademarks are trademarks of their respective owners.

BRST - Border Router Security Tool, Helps administrators secure their border routers. Copyright © 2014 Ted LeRoy

This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.

A local copy of the license can be found at copying.


Source code can be obtained at: