Pray it has 'service config' set and configure a tftp server to upload a
config with an ip. I've never done it, but I guess it could work.
In fact, does anyone know if allowing 'service config' to remain on a router
is a security risk? If you have a tftp server listening, you'll see the
broadcast request for the boot config file, and I can't see how any security
could be passed to stop/block getting the wrong config? I always just set
'no service config' as a matter of best-practices whenever configuring a
router, but I'm wondering if anyone else has tested this?
--
Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+
List email: [EMAIL PROTECTED]
Homepage: http://jason.artoo.net/
""Brian Dennis"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Anyone know how to get to a Cisco router remotely that doesn't have an IP
> address configured on it? Going in through a console, aux or async line
> doesn't count.
>
> Brian Dennis, CCIE #2210 (R&S)(ISP/Dial) CCSI #98640
> 5G Networks, Inc.
> [EMAIL PROTECTED]
> 925) 260-2724
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> > EA Louie
> > Sent: Friday, May 04, 2001 9:00 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: Disable telnet port [7:3237]
> >
> >
> > If you have the right version of IOS, you can
> > transport input ssh
> >
> > and to answer Chuck's questions, there is a way to disable telnet and
> > everything else,
> > transport input none
> >
> > ----- Original Message -----
> > From: Jacques Atlas
> > To:
> > Sent: Friday, May 04, 2001 3:12 PM
> > Subject: RE: Disable telnet port [7:3237]
> >
> >
> > > On Fri, 4 May 2001, Chuck Larrieu wrote:
> > >
> > > |By "telnet port" do you mean TCP port 23. Or do you mean the VTY's
> > > |themselves?
> > > |
> > > |If the latter, the most effective way is to require a login but set
no
> > > |password.
> > > |Eg
> > > |
> > > |Line vty 0 4
> > > |Login
> > >
> > > anyone know if you can _disable_ telnet to a cisco and only ssh ?
> > >
> > > something like "no service telnet" would be great
> > >
> > > --
> > > jacques
> > > FAQ, list archives, and subscription info:
> > http://www.groupstudy.com/list/cisco.html
> > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> > FAQ, list archives, and subscription info:
> > http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3351&t=3287
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
