Which commands are disabled by default on Cisco routers/switches ?

But don't show in the configuration when using the command
'show run all'

I know ftp,tftp, ntp, small services ,snmp , finger , icmp mask-replies / directed broadcast , keepalives , logging ,etc are disabled by default -- but does any one know which commands DONT show in the config (unless you enable them ) --we are looking at images from 2011 (15.1)
This is from a security hardening perspective .

I cant find any documentation pertaing to this on Cisco's gargantuan site .
Who is Participating?
Nayyar HH (CCIE RS)Connect With a Mentor Network ArchitectCommented:
You might find this useful - Cisco Guide to Harden Cisco IOS Devices

Garry GlendownConsulting and Network/Security SpecialistCommented:
To view the current config with all defaults also listed, do "show run all" ... maybe this is what you're looking for ...
benthomasAuthor Commented:
Apologies for the late reply - what I require is a link to a Cisco document that details commands that are NOT in the configuration (unless enabled ) as stated in the original question .
An example is 'no icmp broadcast' which will not show in the configuration file --unless it is implicitly enabled - from an evidence point of view I require a document detailing that the listed commands are not enabled .
All points to anyone who can send the link please
benthomasAuthor Commented:
I already have the document given in the link - but thanks anyway .
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.