Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
3766
Views
0
Helpful
1
Replies

Switch UDP 123 Port OPEN

William Chen
Level 1
Level 1

‎05-13-2014 07:20 PM

Our Switch (3750 & nexus 5000 & nexus 7000) be scan with udp 123 and 161 port open on management interface.

 

I know it's open for NTP and SNMP. But for our Security policy it's not allowed.

 

Any body know how to close it ??

 

Not only acl block but also port close(can not be find out with port scan tool).

 

 

thanks.

Labels:
0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎05-13-2014 07:49 PM

Your policy is to turn off ntp and snmp to make the switches more secure? That's a bit unusual since both, when configured properly, are considered best practices with respect to security.

Depending on the switch (IOS or NX-OS) you can generally use the "ntp disable" (on the L3 interface) or "no ntp enable" command.

If there's no snmp community set, the switch should not be snmp-enabled. Once one is set, the best you can do is to protect it with an access-list.

 

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card

li.common.scroll-to.top