Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6892
Views
0
Helpful
3
Replies

TFTP Server on Cisco Router/Switch

CartoGraph
Level 1
Level 1

‎05-24-2018 10:56 PM - edited ‎03-08-2019 03:08 PM

Hello,

 

I saw, by using a port scan, that the tftp upd port is open.

 

Is there any threat?

It is possible to turn it off?

 

Thank You!

 

 

PORT   STATE         SERVICE
69/udp open|filtered tftp
Nmap done: 1 IP address (1 host up) scanned in 0.45 seconds

 

Labels:
0 Helpful
3 Replies 3

shimenoy
Spotlight
Spotlight

‎05-24-2018 11:23 PM

Hi :)

Sometimes these vulnerabilities are also present, so you should disable it if you don't need it.
e.g. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-tftp

Please see "Workarounds".
0 Helpful

CartoGraph
Level 1
Level 1
In response to shimenoy

‎05-24-2018 11:54 PM

Thank for your reply,

 

I have no tftp-server lines in my configuration.

 

NR01#show running-config | i tftp
NR01#show running-config | i ftp
NR01#

 

 

Even so, the port seems to be open.

 

Any clues why and how can I turn the service off since I do not need it?

 

Regards.

0 Helpful

shimenoy
Spotlight
Spotlight
In response to CartoGraph

‎05-25-2018 01:21 AM

Well, I also tried nmap with my c890(15.1(4)M1), but 69/udp is closed.
Can you post the result of the following command?

# show control-plane host open-ports
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card