Potential Information Leak with CDP

Carole Warner Reece

One of the NetCraftsmen engineers mentioned a condition where CDP can potentially leak information. This is based on a thread on the c-nsp mailing list.
An organization had ‘cdp off’ on a POS1/0/0 interface, which is an STM-16 link. After the encapsulation was changed from ppp to hdlc, IOS automatically turned CDP back on without even a system message. This could be an issue if you are trying to maintain a secure router.
This behavior has been documented in CSCso40579, but that bug has been marked closed. CSCso59137 (sev=4) documents the behavior as working as designed. With this bug ID, a CDP status change message will be printed when such an event occurs.
Moral of the story
– if you want your router to stay secure, always double check your settings after making configuration updates since things might change without you knowing it.
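One way to automate that double check is to compare the interface stanzas of a configuration saved before a change with one saved after it. The script below is an added example, not from the original post or the c-nsp thread; it assumes ‘cdp off’ appears in the configuration as the interface command `no cdp enable`, and the two sample configurations are constructed.

```python
import re

# Constructed sample configs (not from the original post): the same
# interface stanzas saved before and after an encapsulation change.
BEFORE = """\
interface POS1/0/0
 encapsulation ppp
 no cdp enable
!
interface GigabitEthernet0/1
 no cdp enable
"""
AFTER = """\
interface POS1/0/0
 encapsulation hdlc
!
interface GigabitEthernet0/1
 no cdp enable
"""

def interface_stanzas(config):
    """Map interface name -> list of its indented sub-commands."""
    stanzas, current = {}, None
    for line in config.splitlines():
        m = re.match(r"^interface\s+(\S+)", line)
        if m:
            current = stanzas.setdefault(m.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command ends the stanza
    return stanzas

def encapsulation(cmds):
    """Explicit encapsulation keyword, or 'default' when no line is present."""
    return next((c.split()[1] for c in cmds if c.startswith("encapsulation ")), "default")

def cdp_regressions(before, after):
    """Interfaces that had 'no cdp enable' before the change but not after."""
    old, new = interface_stanzas(before), interface_stanzas(after)
    return [(name, encapsulation(cmds), encapsulation(new[name]))
            for name, cmds in old.items()
            if "no cdp enable" in cmds and name in new
            and "no cdp enable" not in new[name]]

if __name__ == "__main__":
    for name, was, now in cdp_regressions(BEFORE, AFTER):
        print(f"{name}: 'no cdp enable' lost (encapsulation {was} -> {now}); re-check CDP")
```

A finding only says the explicit disable line is gone; confirm the actual CDP state on the device, for example with `show cdp interface`.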
