[c-nsp] Possible security issue with CDP
Jared Mauch
jared at puck.nether.net
Fri Jun 27 07:24:16 EDT 2008
On Fri, Jun 27, 2008 at 06:42:27AM +0300, Hank Nussbacher wrote:
> On Thu, 26 Jun 2008, Aaron wrote:
>
> No. It was disabled per specific interfaces. That interface had cdp
> turned off but changing from ppp to hdlc overrode the specific cdp
> command we had set on the interface.
Which makes as much sense as enabling/disabing an access-list on
the interface. It sounds like something is really not right over
at Cisco. What other things will they do? add some random other feature
like turn on appletalk or decnet when you change the encapsulation?
I doubt those random features even nvgen that they're enabled so you may
not even have a clue. Not good.
- jared
--
Jared Mauch | pgp key available via finger from jared at puck.nether.net
clue++; | http://puck.nether.net/~jared/ My statements are only mine.
More information about the cisco-nsp
mailing list