Options
Auto-Secure/Security Audit
Bl8ckr0uter
Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
Well after reading about what these do (some time ago) I thought cisco routers were wide open out of the box. However while doing a lab, I ran n.map on my one of my routers this is what I found:
Not the big wide open box I would have thought. Also there were only 3 services running. I have not run auto-secure or security audit on this box yet. What gives? Why so few open ports? I can post my config if that helps.
Not shown: 997 closed ports
PORT STATE SERVICE VERSION
23/tcp open telnet Cisco router
1720/tcp open H.323/Q.931?
5060/tcp open sip-proxy Cisco SIP Gateway (IOS 12.x)
MAC Address: 00:11:93:CA:E4:A4 (Cisco Systems)
Not the big wide open box I would have thought. Also there were only 3 services running. I have not run auto-secure or security audit on this box yet. What gives? Why so few open ports? I can post my config if that helps.
Comments
-
Options
mikem2te
Member Posts: 407
A port scan is only going to show open tcp / udp ports so all the layer 2 & 3 vulnerabilities will not show, things like CDP, ICMP, Spanning tree, certain routing protocols etc.
Upper layer protocols are mostly disabled until enabled. I believe the tcp & udp servers are now disabled by default on later IOS versions. SNMP is off until a community string is defined, similarly ssh, http, https, t.f.t.p. are not enabled by default.Blog : http://www.caerffili.co.uk/
Previous : Passed Configuring Microsoft Office SharePoint Server 2007 (70-630)
Currently : EIGRP & OSPF
Next : CCNP Route