Solved

Cisco 2901 line 2 port 2002

Posted on 2014-01-03
4
2,855 Views
Last Modified: 2014-01-03
I have a vulnerability scan performed by an outside vendor. My Cisco 2901 keeps getting flagged for having port 2002 open, which is a common port for some worms or something.

After doing some research I think that port 2002 is associated with line 2. Does anyone know how to close/remove this port and make some changes to line 2 so this port doesnt show up on my vuln scans?? Thanks so much for any help.

line 2
 no activation-character
 no exec
 transport preferred none
 transport input all
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
 stopbits 1
0
Comment
Question by:cb_it
  • 2
  • 2
4 Comments
 
LVL 11

Expert Comment

by:Miftaul
ID: 39753816
We can not close only port 2002 on Line2.

Either we have to disable line2 completely or limit access to it defining an access-list.

Please check This
0
 

Author Comment

by:cb_it
ID: 39753824
Thanks for the quick reply. I dont think I'm using line 2, how would I find out if I'm using it. How would I disable it?
0
 
LVL 11

Accepted Solution

by:
Miftaul earned 500 total points
ID: 39753850
"Show Run" output will display the Line 2 configuration.
"Show Line" displays Line2 to details.

To disable Line 2 completely.
R1(config)#line 2
R1(config-line)#transport input none
R1(config-line)#end

Open in new window

Your config will look like
line 2
 transport input none

Open in new window

0
 

Author Comment

by:cb_it
ID: 39753886
That worked, thanks very much for the help. I'm familiar with all of those commands but wasnt sure it would be that simple for line 2. I was not that familiar with line 2. Thanks again!
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question