1. Limit the maximum number of prefixes that you learn from BGP peer, to avoid overload of your machine. router bgp 300 neighbor 10.0.23.2 maximum-prefix 30000 2.Deny updates that include a private AS number in the AS path (64512 - 65535) router bgp 300 neighbor 10.0.23.2 remove-private-as 3.Use ACLs on your external interface to permit input/output BGP packets only from your defined source and destination access-list 150 permit tcp host 10.0.23.2 host 10.0.23.3 eq bgp access-list 150 permit tcp host 10.0.23.2 eq bgp host 10.0.23.3 access-list 150 deny tcp any any eq bgp access-list 150 deny tcp any eq bgp any access-list 150 permit any any interface Serial 0/0 description -> to R2 ip address 10.0.23.3 255.255.255.252 ip access-group 150 in 4. Limit TTL in BGP packets to limit the communication only with next-hop peers. router bgp 300 neighbor 10.0.23.2 ttl-security hops 1 5. Use a password to authenticate BGP peer neighbors. router bgp 300 neighbor neighbor 10.0.23.2 password Wh@t3ver! 6.Limit the maximum length of the AS path. router bgp 300 bgp maxas-limit 60