Default services on Cisco Switches

Unanswered Question
Jun 13th, 2008

Hi Experts,

I wanted to know the default services running on Cisco switches.

Is there any way by which i can identify the services running on cisco switch.

Thanks in advance.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading. Fri, 06/13/2008 - 01:36


You can issue:

show processes

With this command you can see all the processes running.

I hope this helps.

Best regards.


machaleshamsundar Fri, 06/13/2008 - 02:04


Thanks for your reply, but my requirement is to harden the switch so i want to stop unwanted services like finger service, tcp-small-servers etc.



Joseph W. Doherty Fri, 06/13/2008 - 03:13

If the switch is supported by "Cisco Router and Security Device Manager (SDM)", it suggests (and can implement) security configuration modifications. (NB: There's a newer recently released renamed version of this package, by I don't recall what it's called.)

You could also examine the various documents Cisco has on the subject, e.g.

Joseph W. Doherty Fri, 06/13/2008 - 06:28

Narayan, no I'm referring to running SDM or the newer Cisco Configuration Professional (the name I couldn't recall in my previous post), externally. (Auto-secure is a good suggestion too.)

michael.leblanc Fri, 06/13/2008 - 10:51

If the goal is to harden the switch, then consider using an audit tool.

The following site has benchmarks for Cisco devices etc., that can help you evaluate the security of your configurations.

I have not explored these particular benchmarks yet, but they appear to be worth pursuing.

Might take a look at Nipper as well:

They will identify services that are running, but should be shutdown to improve your security posture.

padramas Fri, 06/13/2008 - 07:20

Hello Shamsundar,

If the switch is atleast configured with one ip address, the following command "" sh ip sockets ""will list the default services that switch will listen on. however, it will not accept the packets destined to that port unless appropriate configuration is done for those services.

NOTE: The above command will list only udp sockets and to view active TCP connections, you need to use "sh tcp brief "

This links gives general guidelines to harden Cisco devices running IOS




This Discussion