Router(config)# no service udp-small-servers

Router(config)# no ip bootp server Router(config)# no service finger Router(config)# no ip http server Router(config)# no ip identd Router(config)# no snmp-server community . If SNMP on the router is required, use the following commands to clear out any SNMP servers with default community strings. Router(config)# no snmp-server community public

Router(config)# no snmp-server community private . Then set up the SNMP server with a community string that is difficult to guess. Also, if possible, allow only read-only access to the server; do not allow read-write access to the server. Apply an access-list to the server. Refer to the following section on TCP/IP Filters for discussion of an access-list for SNMP in more detail. The following command is an example. Router(config)# snmp-server community S3cr3t-str1n9 ro 10 . The following commands disable the following services: Cisco Discovery Protocol (CDP),
Next topic
Previous topic