06-21-2006 01:45 AM
We need to trace all the switches and routers connection in the office and will require the protocol cdp enabled.
Please what are the advantages/disadvantages and Vulnerability of enabling this protocol?
What is the best practice?
Thanks
Solved! Go to Solution.
06-21-2006 02:47 AM
Do you have a CCO login?
If so:
http://www.cisco.com/en/US/customer/tech/tk962/technologies_tech_note09186a00801aa000.shtml
Otherwise:
http://www.google.com.au/search?hl=en&q=cdp+protocol+cisco&meta=
06-21-2006 02:41 AM
Best practice is disable CDP on any interfaces accessible from outside your network.
CDP can be used by intruders to determine:
Device type
IOS version
IP address
And more....
With this information in hand a network can be compromised quite easily, especially if out-dated IOS versions are being used.
HTH
06-21-2006 02:42 AM
Thanks
Is there any documentation I can read further on this as I need to convince my boss.
Thanks
06-21-2006 02:47 AM
Do you have a CCO login?
If so:
http://www.cisco.com/en/US/customer/tech/tk962/technologies_tech_note09186a00801aa000.shtml
Otherwise:
http://www.google.com.au/search?hl=en&q=cdp+protocol+cisco&meta=
06-21-2006 07:37 AM
You can disable cdp globally using no cdp run
or disable cdp on certain interfaces
config t
int x/x
no cdp enable
this way you can turn it off with points which might have external network connections such as border routers.
HTH
Peter
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide