Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3891
Views
0
Helpful
4
Replies

CDP Vulnerability

Go to solution
londint
Level 1
Level 1

‎06-21-2006 01:45 AM

We need to trace all the switches and routers connection in the office and will require the protocol cdp enabled.

Please what are the advantages/disadvantages and Vulnerability of enabling this protocol?

What is the best practice?

Thanks

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions
4 Replies 4

Go to solution
n.bowbridge
Level 1
Level 1

‎06-21-2006 02:41 AM

Best practice is disable CDP on any interfaces accessible from outside your network.

CDP can be used by intruders to determine:

Device type

IOS version

IP address

And more....

With this information in hand a network can be compromised quite easily, especially if out-dated IOS versions are being used.

HTH

0 Helpful

Go to solution
londint
Level 1
Level 1
In response to n.bowbridge

‎06-21-2006 02:42 AM

Thanks

Is there any documentation I can read further on this as I need to convince my boss.

Thanks

0 Helpful

Go to solution
peterledwidge
Level 1
Level 1
In response to n.bowbridge

‎06-21-2006 07:37 AM

You can disable cdp globally using no cdp run

or disable cdp on certain interfaces

config t

int x/x

no cdp enable

this way you can turn it off with points which might have external network connections such as border routers.

HTH

Peter

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents