Security Basics mailing list archives

Default Services on Ciscos IOS

From: "erisk" <erisk () iinet net au>
Date: Tue, 21 Oct 2003 14:53:44 +0800

Hi all,

Can someone clarify this for me re IOS default services...

As stated in the NSA router security guideline, services enabled by default
can depend on the IOS version (ie small services is enabled by default on
11.2 but disabled on 11.3). This will not necesasarily be shown in the
config...However it also stated that SNMP is enabled by default on 12.0 (and
up ?)...

Now without portscanning and if it is not show to be turned on in the config
how does one know if it is enabled or not.... I know that you should
explicitly disable the services, but for my own knowledge is there an URL
that can say exactly which IOS version and services are enabled by default?

Thanks,
Trev


---------------------------------------------------------------------------
FREE Whitepaper: Better Management for Network Security

Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console

Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_security-basics_031015
----------------------------------------------------------------------------

Current thread:

Re: scary but true, (continued)
- Re: scary but true Simon Gray (Oct 20)
- RE: scary but true Glenn Pearl (Oct 20)
- Re: scary but true Dhruv Gami (Oct 20)
- RE: scary but true Meidinger Chris (Oct 20)
- scary but true C Myers (Oct 20)
- RE: scary but true Lipski, Andrzej (Oct 20)
- RE: scary but true CHRIS GRABENSTEIN (Oct 20)
  - Re: scary but true Dan & Jessica Malloy (Oct 21)
- RE: scary but true Keith T. Morgan (Oct 20)
- RE: scary but true Keller, Tim (Oct 20)
  - Default Services on Ciscos IOS erisk (Oct 21)