Sunday 6 May 2012

Secure Perimeter Routers & Disable Services & Logging

The general rule for a perimeter router is to disable the unnecessary services on it. Some services are useful but not often used, such as TCP & UDP, NTP, CDP, and Finger; these services can be disabled using their individual commands.
As mentioned, the router determines whether a data packet can pass through the network, so securing it is very important for defending our private network. There are many categories of configuration for the router.

Patches & Updates
Stay up to date with the latest updates and patches by subscribing to update notices from the manufacturer of the network hardware.

Protocols
DoS attacks usually take advantage of protocol-level vulnerabilities. By using ingress and egress filtering, or by screening ICMP traffic from the internal network, we can counter these kinds of attack.
Using ingress and egress filtering
Set up the router to route only outgoing packets with a valid internal IP address, that is, verify outgoing packets. This would not protect us from DoS, but it can keep such attacks from originating from our own network. It also makes it easier to trace the originator, as the attacker would have to use a valid and reachable source address.
ICMP traffic
By blocking ICMP traffic at the outer perimeter router we can prevent attacks such as ping floods.
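
As an added example (not code from the original post or its references), the Python sketch below audits an IOS-style configuration for the services listed at the top of this post and for egress ACL entries that would let packets with a non-internal source address leave the network. The sample configuration, the ACL number 110 and the 10.10.0.0/16 internal range are constructed assumptions.

```python
import ipaddress
import re

# Constructed IOS-style config fragment for illustration; addresses are assumptions.
SAMPLE_CONFIG = """\
service tcp-small-servers
no service udp-small-servers
ip finger
ntp server 192.0.2.10
access-list 110 permit ip 10.10.0.0 0.0.255.255 any
access-list 110 permit ip host 172.16.5.9 any
access-list 110 permit ip any any
"""

# A line starting with one of these means the service named in the post is switched on.
SERVICE_PATTERNS = {
    "tcp-small-servers": r"service tcp-small-servers",
    "udp-small-servers": r"service udp-small-servers",
    "finger": r"(ip|service) finger",
    "ntp": r"ntp (server|peer|master)",
}

def enabled_services(config):
    """List the services from the post that this config leaves enabled."""
    lines = [line.strip() for line in config.splitlines()]
    found = {name for name, pattern in SERVICE_PATTERNS.items()
             if any(re.match(pattern, line) for line in lines)}
    # CDP is on by default in IOS, so it is enabled unless "no cdp run" appears.
    if "no cdp run" not in lines:
        found.add("cdp")
    return sorted(found)

def egress_acl_gaps(config, acl_number, internal_net):
    """Return permit entries of the ACL whose source lies outside internal_net."""
    inside = ipaddress.ip_network(internal_net)
    gaps = []
    for line in (raw.strip() for raw in config.splitlines()):
        m = re.match(rf"access-list {acl_number} permit ip (.+)", line)
        if not m:
            continue
        tokens = m.group(1).split()
        if tokens[0] == "any":           # any source: spoofed packets may leave
            gaps.append(line)
            continue
        # "host A.B.C.D" is a single address; otherwise address plus wildcard mask.
        spec = tokens[1] if tokens[0] == "host" else f"{tokens[0]}/{tokens[1]}"
        if not ipaddress.ip_network(spec).subnet_of(inside):
            gaps.append(line)
    return gaps
```

Run against the sample, the first function reports which of the post's services are still on, and the second returns the two permit lines that defeat the "valid internal source address only" rule.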

Administrative access
Decide on which interfaces and ports administration connections are allowed, and from which network the administration is supposed to be performed. Restrict access to the chosen interfaces and ports, encrypt them, and have countermeasures against hijacking of these interfaces.


REFERENCE : http://etutorials.org/Networking/Cisco+Certified+Security+Professional+Certification/Part+II+Securing+the+Network+Perimeter/Chapter+5+Securing+Cisco+Perimeter+Routers/Limit+Unneeded+TCP+IP+and+Other+Services/

            http://msdn.microsoft.com/en-us/library/ff648651.aspx

3 comments:

  1. Through Jenny's post, I understand why there is a need to disable services on the router. I also had an overview of what services can be disabled, such as TCP, UDP, etc. I also learnt other ways a perimeter router can be secured, such as the use of patches and updates, administrative access and also protocols. Overall Jenny's post is simple and well organized, which makes it easy for others to understand. Thanks, Haikal Tan :D

  2. Through Jenny's post, I understand the need for disabling the services on the router. Specific protocols can stop hackers from hacking, and updating patches on loopholes can prevent hackers from hacking too. I have also learned that ingress and egress can prevent hacking too.
    Thanks,
    from ME !!!

  3. Thanks for the above blog. I got new information through your article. But I think that is not used in day-to-day routine. Now it depends on the user's need. You mentioned all the information.