[c-nsp] Vulnerabilities in HTTP server on Catalyst Switches
John Neiberger
jneiberger at gmail.com
Thu Jun 9 11:28:56 EDT 2005
I'm having a disagreement with a security admin and I wanted to get
some opinions.
Can any of you think of a good reason to leave the http server on a
Catalyst switch turned off? I understand that it's best to leave
services turned off if you don't need them, but what if you want to
use Cisco Network Assistant, for example, and that requires you to
turn on the http server?
The security admin just says "it's best practice to leave it off" and
doesn't back it up with any useful information.
What do you all think? Is there any real security risk by giving
someone read-only access through CNA? I don't see a downside to it.
Thanks,
John
More information about the cisco-nsp
mailing list