1. Limit the maximum number of prefixes that you 
learn from BGP peer, to avoid overload of your machine.

router bgp 300
neighbor 10.0.23.2 maximum-prefix 30000

2.Deny updates that include a private AS number in the AS path (64512 - 65535)

router bgp 300
neighbor 10.0.23.2 remove-private-as

3.Use ACLs on your external interface to permit input/output BGP packets only from your defined source and destination

access-list 150 permit tcp host 10.0.23.2 host 10.0.23.3 eq bgp
access-list 150 permit tcp host 10.0.23.2 eq bgp host 10.0.23.3
access-list 150 deny tcp any any eq bgp
access-list 150 deny tcp any eq bgp any
access-list 150 permit any any

interface Serial 0/0
description -> to R2
ip address 10.0.23.3 255.255.255.252
ip access-group 150 in

4. Limit TTL in BGP packets to limit the communication only with next-hop peers.

router bgp 300
neighbor 10.0.23.2 ttl-security hops 1

5. Use a password  to authenticate BGP peer neighbors.

router bgp 300
neighbor neighbor 10.0.23.2 password Wh@t3ver!


6.Limit the maximum length of  the AS path.

router bgp 300
bgp maxas-limit 60