[c-nsp] Possible security issue with CDP
Aaron
dudepron at gmail.com
Sun Jun 29 15:30:25 EDT 2008
I believe BP is to turn it off globally and turn it on per specific
interface.
I do concur that changing encap types should not reenable anything.
Aron
On Sat, Jun 28, 2008 at 3:03 PM, Hank Nussbacher <hank at efes.iucc.ac.il>
wrote:
> On Sat, 28 Jun 2008, Gert Doering wrote:
>
> Hi,
>>
>> On Fri, Jun 27, 2008 at 10:13:36AM -0700, Brandon Price wrote:
>>
>>> I am sure this is a stupid question but I have to ask..
>>>
>>> Is there any compelling reason to run CDP in a service provider
>>> environment?
>>>
>>
>> We like it. In a mostly-Cisco-Shop it's very convenient to see what is
>> connected where - even if perfect documentation would exist, it's useful
>> to check whether the documentation is correct :-) - but sometimes things
>> are set up in a hurry and documentation is less than perfect.
>>
>> Even better, you can use it on a server to see which switchport it's
>> connected to.
>>
>
> I use it for easy documenting a network and if you come into a new shop and
> need to do a pen-test, it is a good place to start in mapping out a new
> virgin network.
>
> -Hank
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list