Auto-Secure/Security Audit

Bl8ckr0uterBl8ckr0uter Posts: 5,031Inactive Imported Users ■■■■■■■■□□
Well after reading about what these do (some time ago) I thought cisco routers were wide open out of the box. However while doing a lab, I ran n.map on my one of my routers this is what I found:
Not shown: 997 closed ports

PORT STATE SERVICE VERSION

23/tcp open telnet Cisco router

1720/tcp open H.323/Q.931?

5060/tcp open sip-proxy Cisco SIP Gateway (IOS 12.x)

MAC Address: 00:11:93:CA:E4:A4 (Cisco Systems)

Not the big wide open box I would have thought. Also there were only 3 services running. I have not run auto-secure or security audit on this box yet. What gives? Why so few open ports? I can post my config if that helps.

Comments

  • mikem2temikem2te Posts: 407Member
    A port scan is only going to show open tcp / udp ports so all the layer 2 & 3 vulnerabilities will not show, things like CDP, ICMP, Spanning tree, certain routing protocols etc.

    Upper layer protocols are mostly disabled until enabled. I believe the tcp & udp servers are now disabled by default on later IOS versions. SNMP is off until a community string is defined, similarly ssh, http, https, t.f.t.p. are not enabled by default.
    Blog : http://www.caerffili.co.uk/

    Previous : Passed Configuring Microsoft Office SharePoint Server 2007 (70-630)
    Currently : EIGRP & OSPF
    Next : CCNP Route
Sign In or Register to comment.