06-13-2008 01:18 AM - edited 03-05-2019 11:36 PM
Hi Experts,
I wanted to know the default services running on Cisco switches.
Is there any way by which I can identify the services running on a Cisco switch?
Thanks in advance.
06-13-2008 01:36 AM
Hi,
You can issue:
show processes
With this command you can see all the processes running.
I hope this helps.
Best regards.
Massimiliano.
06-13-2008 02:04 AM
Hi,
Thanks for your reply, but my requirement is to harden the switch, so I want to stop unwanted services like finger service, tcp-small-servers etc.
Regards
Shamundar
06-13-2008 03:13 AM
If the switch is supported by "Cisco Router and Security Device Manager (SDM)", it suggests (and can implement) security configuration modifications. (NB: There's a newer, recently released, renamed version of this package, but I don't recall what it's called.)
You could also examine the various documents Cisco has on the subject, e.g. http://www.cisco.com/en/US/netsol/ns744/networking_solutions_program_home.html
06-13-2008 03:43 AM
You can also look at the IOS Auto-secure command (Joseph, not sure whether you were referring to the same thing)
Narayan
06-13-2008 06:28 AM
Narayan, no I'm referring to running SDM or the newer Cisco Configuration Professional (the name I couldn't recall in my previous post), externally. (Auto-secure is a good suggestion too.)
06-13-2008 10:51 AM
If the goal is to harden the switch, then consider using an audit tool.
The following site has benchmarks for Cisco devices etc., that can help you evaluate the security of your configurations.
I have not explored these particular benchmarks yet, but they appear to be worth pursuing.
Might take a look at Nipper as well:
http://sourceforge.net/projects/nipper
They will identify services that are running, but should be shut down to improve your security posture.
06-13-2008 07:20 AM
Hello Shamsundar,
If the switch is at least configured with one IP address, the following command "sh ip sockets" will list the default services that the switch will listen on. However, it will not accept the packets destined to that port unless appropriate configuration is done for those services.
NOTE: The above command will list only UDP sockets, and to view active TCP connections you need to use "sh tcp brief".
This link gives general guidelines to harden Cisco devices running IOS:
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080120f48.shtml
HTH
Padmanabhan
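The kind of check an audit tool runs for the services named in this thread (finger, tcp-small-servers and similar), as an added example that is not part of any post or of any tool mentioned here. The `RULES` table, including which services are assumed on by default, and the sample configuration are constructed assumptions; defaults differ between IOS releases and platforms.

```python
# Added example: audit a saved running-config for services to disable.
# RULES is an assumption, not from the thread: (config keywords, on-by-default?).
# Defaults differ between IOS releases and platforms; adjust before relying on it.
RULES = {
    "finger":            (("ip finger", "service finger"), False),
    "tcp-small-servers": (("service tcp-small-servers",), False),
    "udp-small-servers": (("service udp-small-servers",), False),
    "http-server":       (("ip http server",), False),
    "bootp-server":      (("ip bootp server",), True),
    "pad":               (("service pad",), True),
    "source-route":      (("ip source-route",), True),
}

# Constructed sample, not taken from a real device.
SAMPLE_CONFIG = """\
version 12.2
service tcp-small-servers
no service pad
ip finger
interface Vlan1
 ip address 192.0.2.10 255.255.255.0
ip http server
no ip source-route
"""

def audit(running_config):
    """Map each service to (enabled?, keyword to negate when disabling it)."""
    findings = {}
    for name, (keywords, default_on) in RULES.items():
        enabled, seen = default_on, keywords[0]
        for line in map(str.rstrip, running_config.splitlines()):
            if not line or line[0].isspace():
                continue  # indented lines are sub-commands; these are global
            for kw in keywords:
                if line == kw or line.startswith(kw + " "):
                    enabled, seen = True, kw
                elif line == "no " + kw or line.startswith("no " + kw + " "):
                    enabled, seen = False, kw
        findings[name] = (enabled, seen)
    return findings

def remediation(running_config):
    """Global-config commands that turn off every service found enabled."""
    return ["no " + kw for on, kw in audit(running_config).values() if on]

if __name__ == "__main__":
    for name, (on, _) in audit(SAMPLE_CONFIG).items():
        print(f"{name:18} {'ENABLED' if on else 'disabled'}")
    print("\n".join(remediation(SAMPLE_CONFIG)))
```

A service that is on by default leaves no line in the running-config, which is why the table records a default for each entry instead of only searching for enabling lines.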