recently we had a pen test against one of our Cats and it failed with an open port 69/udp open tftp. As a result I had to apply an ACL to the interface. We do not have TFTP-server configured on this Cat or any other cats on our platform but the Security Engineer claims that we must have some TFTP service running on this Cat as has never seen this failure before. My argument and question is that the CAT interface will always reply to port 69 regardless of whether we have TFTP server configured or not and the only way to stop an interface replying to port 69 is to add an acl. Which one of us is correct ?
In answer to your question, I would have thought that you should definitely not had a response, unless you are specifically running a tftp server. Do you see a tftp demon running in the "show process" output?
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...