[c-nsp] What is The Best Configuration per Interface (Catalyst
Switch 3500)?
Daniel Roesen
dr at cluenet.de
Tue Nov 2 04:09:57 EST 2004
On Mon, Nov 01, 2004 at 09:31:44AM +0100, Per Carlson wrote:
> > no cdp enable
>
> Even if CDP is disabled on the port, the swich does process CDP-packets
> entering the port.
Can you elaborate on that?
http://www.cisco.com/en/US/tech/tk648/tk362/technologies_security_notice09186a0080093ef0.html
Cisco recommended disabling globally or on interface level as a
workaround for this vulnerability, which suggests, that CDP packets
are not being processed when CDP is disabled on per-interface level.
Regards,
Daniel
--
CLUE-RIPE -- Jabber: dr at cluenet.de -- dr at IRCnet -- PGP: 0xA85C8AA0
More information about the cisco-nsp
mailing list