• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 299
  • Last Modified:

Which commands are disabled by default on Cisco routers/switches ?

But don't show in the configuration when using the command
'show run all'

I know ftp,tftp, ntp, small services ,snmp , finger , icmp mask-replies / directed broadcast , keepalives , logging ,etc are disabled by default -- but does any one know which commands DONT show in the config (unless you enable them ) --we are looking at images from 2011 (15.1)
This is from a security hardening perspective .

I cant find any documentation pertaing to this on Cisco's gargantuan site .
0
benthomas
Asked:
benthomas
  • 2
1 Solution
 
Garry GlendownConsulting and Network/Security SpecialistCommented:
To view the current config with all defaults also listed, do "show run all" ... maybe this is what you're looking for ...
0
 
benthomasAuthor Commented:
Apologies for the late reply - what I require is a link to a Cisco document that details commands that are NOT in the configuration (unless enabled ) as stated in the original question .
An example is 'no icmp broadcast' which will not show in the configuration file --unless it is implicitly enabled - from an evidence point of view I require a document detailing that the listed commands are not enabled .
All points to anyone who can send the link please
0
 
Nayyar HH (CCIE RS)Network ArchitectCommented:
You might find this useful - Cisco Guide to Harden Cisco IOS Devices

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080120f48.shtml
0
 
benthomasAuthor Commented:
I already have the document given in the link - but thanks anyway .
0

Featured Post

Upgrade your Question Security!

Add Premium security features to your question to ensure its privacy or anonymity. Learn more about your ability to control Question Security today.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now