Solved

Which commands are disabled by default on Cisco routers/switches ?

Posted on 2012-03-15
4
284 Views
Last Modified: 2012-03-16
But don't show in the configuration when using the command
'show run all'

I know ftp,tftp, ntp, small services ,snmp , finger , icmp mask-replies / directed broadcast , keepalives , logging ,etc are disabled by default -- but does any one know which commands DONT show in the config (unless you enable them ) --we are looking at images from 2011 (15.1)
This is from a security hardening perspective .

I cant find any documentation pertaing to this on Cisco's gargantuan site .
0
Comment
Question by:benthomas
  • 2
4 Comments
 
LVL 17

Expert Comment

by:Garry-G
ID: 37726747
To view the current config with all defaults also listed, do "show run all" ... maybe this is what you're looking for ...
0
 

Author Comment

by:benthomas
ID: 37728286
Apologies for the late reply - what I require is a link to a Cisco document that details commands that are NOT in the configuration (unless enabled ) as stated in the original question .
An example is 'no icmp broadcast' which will not show in the configuration file --unless it is implicitly enabled - from an evidence point of view I require a document detailing that the listed commands are not enabled .
All points to anyone who can send the link please
0
 
LVL 15

Accepted Solution

by:
Nayyar HH (CCIE RS) earned 500 total points
ID: 37728741
You might find this useful - Cisco Guide to Harden Cisco IOS Devices

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080120f48.shtml
0
 

Author Closing Comment

by:benthomas
ID: 37728759
I already have the document given in the link - but thanks anyway .
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

It happens many times that access list (ACL) have to be applied to outgoing router interface in order to limit some traffic.This article is about how to test ACL from the router which is not very intuitive for everyone. Below scenario shows simple s…
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now