[c-nsp] TIL: Maintenance Operations Protocol (MOP)
Nick Hilliard
nick at foobar.org
Wed Apr 13 12:05:00 EDT 2022
Drew Weaver wrote on 05/08/2021 19:20:
> Yes, in my research I noticed that OS image age has nothing to do
> with it. Newer images with different trains have it enabled, older
> images in totally other trains as well.
>
> Also even though it appears to emulate VTY simply configuring the
> transports doesn't disable it.
>
> I mostly mentioned it because when I did some Googling I noticed it
> is referenced as being included in IOS XE.
>
> It should be forcibly removed entirely in my opinion.
looping back on this, Cisco have opened a couple of bug IDs (CSCwa57951
and CSCwa91505), and have (re-)published a blog entry here:
> https://blogs.cisco.com/security/router-spring-cleaning-no-mop-required-again
tl;dr: fixes will appear in ios XE 17.9(1). Until then, "no mop enabled"
will be required on a per-interface basis.
Thanks to all in Cisco for getting this on the dev+fix radar!
Nick
More information about the cisco-nsp
mailing list