[9122] in bugtraq
Re: Remote Cisco Identification
daemon@ATHENA.MIT.EDU (Jared Mauch)
Tue Jan 19 18:50:48 1999
Mail-Followup-To: Kurt Seifried <listuser@SEIFRIED.ORG>, bugtraq@netspace.org
Date: Tue, 19 Jan 1999 13:16:51 -0500
Reply-To: Jared Mauch <jared@PUCK.NETHER.NET>
From: Jared Mauch <jared@PUCK.NETHER.NET>
X-To: Kurt Seifried <listuser@SEIFRIED.ORG>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <002001be4322$01024e70$1400000a@seifried.org>; from Kurt Seifried
on Mon, Jan 18, 1999 at 01:34:53PM -0700
On Mon, Jan 18, 1999 at 01:34:53PM -0700, Kurt Seifried wrote:
> show cdp neighbour
> shows a table with what is attached to interfaces (at the remote end).
>
> show cdp neighbour detail
> shows a whole lot more info, supposedly a great tool for trouble shooting,
> since it is protocol/media independant you can see if the remote side
> has a misconfigured address/whatnot. More detail on how to disable it/etc
> on page 78-79 "Router Products Commands Summary Rel 11.0" (just look
> up cdp in the index).
>
> You might want to see if there are commands to show info like the
> interfaces,
> networks, and whatnot, I suspect they might be in there (nice boner for
> cisco
> to pull). Then it would make for a truely great Cisco network discovery
> util.
These items can also be found if you have the snmp
community to the units (see ftp://ftp.cisco.com/pub/mibs/v2/CISCO-CDP-MIB.my)
Based upon what you may (or may not) want to do with your
network, you can turn cdp off globally via "no cdp run"
in your configuration, or "no cdp enable" on a per interface basis.
I primarily use this information for network debugging and
network discovery, which is very useful in many cases when dealing
with customers, but they may also consider this a security issue
of people knowing what equipment they have.
Notes:
1) CDP is only avaiable for adjancet cisco products
2) CDP information via snmp could be highly detrimental
if you have a common snmp community without filters (ie: public)
- Jared
--
Jared Mauch | pgp key available via finger from jared@puck.nether.net
clue++; | http://puck.nether.net/~jared/ My statements are only mine.
