Cisco Community
English
Register
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
2395
Views
0
Helpful
3
Replies
Highlighted
CartoGraph
Beginner
Beginner
‎05-24-2018 10:56 PM
‎05-24-2018 10:56 PM

TFTP Server on Cisco Router/Switch

Hello,

 

I saw, by using a port scan, that the tftp upd port is open.

 

Is there any threat?

It is possible to turn it off?

 

Thank You!

 

 

PORT   STATE         SERVICE
69/udp open|filtered tftp
Nmap done: 1 IP address (1 host up) scanned in 0.45 seconds

 

Labels:
0 Helpful
3 REPLIES 3
Highlighted
shimenoy
Beginner
Beginner
‎05-24-2018 11:23 PM
‎05-24-2018 11:23 PM

Hi :)

Sometimes these vulnerabilities are also present, so you should disable it if you don't need it.
e.g. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-tftp

Please see "Workarounds".
0 Helpful
Highlighted
CartoGraph
Beginner
Beginner
In response to shimenoy
‎05-24-2018 11:54 PM
‎05-24-2018 11:54 PM

Thank for your reply,

 

I have no tftp-server lines in my configuration.

 

NR01#show running-config | i tftp
NR01#show running-config | i ftp
NR01#

 

 

Even so, the port seems to be open.

 

Any clues why and how can I turn the service off since I do not need it?

 

Regards.

0 Helpful
Highlighted
shimenoy
Beginner
Beginner
In response to CartoGraph
‎05-25-2018 01:21 AM
‎05-25-2018 01:21 AM

Well, I also tried nmap with my c890(15.1(4)M1), but 69/udp is closed.
Can you post the result of the following command?

# show control-plane host open-ports
0 Helpful
Latest Contents
Profiling and Rule Management in Cisco AI Endpoint Analytics
Created by faylee on 09-30-2020 03:09 PM
0
0
0
0
IntroductionEndpoint Meta Data SourcesSoftware Defined Application Visibility and Control (SDAVC)ISE Parity   Introduction Cisco AI Endpoint Analytics (EA) has 3 primary responsibilities.  1. EA aggregates meta data from various sources such a... view more
ISP failover setup with Cisco 3650 Switches
Created by opsmaster on 09-30-2020 03:09 PM
0
0
0
0
I have another question: I will be installing a second isp route on my network, it will be a failover, in case the first ISP connection fails. Can I configure a Switch WS-C3650 switch for failover in case something happens to our main ISP?If so,... view more
Cisco AI Endpoint Analytics and Cisco ISE Integration
Created by jeaves@cisco.com on 09-30-2020 02:28 PM
0
0
0
0
IntroductionEndpoint Meta Data SourcesSoftware Defined Application Visibility and Control (SDAVC)ISE Parity   Introduction   This article is being written to explain the integration between Cisco AI Endpoint Analytics and Cisco ISE with particu... view more
Cisco Switch 9200L stucking at booting
Created by nmyamani on 09-30-2020 02:24 AM
1
0
1
0
Dear all, I was trying several times to bootup Catalyst 9200l 24 PoE+ 4x1G but it was stuck at this line all time.*Sep 30 09:00:52.320: %SMART_LIC-5-COMM_RESTORED: Communications with the Cisco Smart Software Manager (CSSM) restored Please help/... view more
Networking Products Overview (Fall 2020)
Created by Kelli Glass on 09-25-2020 02:47 PM
0
0
0
0
Welcome to the overview guide that covers the latest in Cisco Networking innovations and new product introductions. You'll find information on promotions and free trials, as well as exclusive upcoming product deep-dive sessions in the Networking and Data... view more
Content for Community-Ad