Disabling Commonly Configured Management Services

Router(config)#no snmp-server enable

Disables router response to SNMP queries and configuration requests

NOTE: If SNMP is required, use SNMPv3 whenever possible. SNMPv3 offers secure communication previously unavailable in earlier versions. If HTTP or HTTPS service is required, use access control lists (ACL) to restrict access.

Router(config)#no ip http server

Disables monitoring and configuration from a web browser

Router(config)#no ip http secure-server

Disables monitoring and configuration from a secure (HTTPS) web browser

Router(config)#no ip domain-lookup

Disables undirected broadcast (255.255.255.255) as the default address to reach a DNS server

NOTE: The no ip domain-lookup command also disables all DNS on the system.

Disabling Path Integrity Mechanisms

Router(config)#no ip icmp redirect

Prevents the router from sending ICMP redirects

Router(config)#no ip source-route

Disables a sender from controlling the route that a packet travels through a network

Was this article helpful?

0 0

Post a comment