Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4200
Views
0
Helpful
3
Replies

closing port 23

rpalacio
Level 1
Level 1

‎11-13-2002 10:07 PM - edited ‎03-02-2019 02:52 AM

i want to totally close port 23 on the serial of my router...vulnerability test shows it is open though i have already denied it in my access list...

thanks a lot

1 person had this problem
Labels:
0 Helpful
3 Replies 3

bobd
Level 1
Level 1

‎11-14-2002 06:16 AM

An access list applied to the serial interface of the router will block telnet traffic coming through the router, but not an attempt to telnet TO the ip of the serial interface. To prevent this traffic, you need to apply an access list to the vty interfaces of your router with the access-group command.

A doc regarding the telnet vulnerabilities and other options for removing telnet access to your router can be found at http://www.cisco.com/en/US/products/hw/routers/ps274/products_security_advisory09186a00800b1699.shtml.

Bob

0 Helpful

bhaase
Level 1
Level 1
In response to bobd

‎11-14-2002 09:53 AM

Actually having a line like:

"access-list 100 deny tcp any any eq telnet"

in your incoming ACL applied to your serial will close port 23 to your serial and your network from the outside

0 Helpful

travers.stark
Level 1
Level 1

‎11-14-2002 01:47 PM

Another way of completing this is by using "transport input none" under the vty 0 4 interface

That will close telnet completely without using access lists!!!

Travers

0 Helpful
Customers Also Viewed These Support Documents