One point of security that has been hammered on within the desktop/server world is the need to turn off unnecessary services. Unfortunately, people commonly overlook the fact that it is not just the desktops and servers that are potentially running unnecessary services; your network devices are also likely doing this. Detailed configuration examples of how to turn off services will be covered in the device-specific chapters of this book (for example, Chapter 6 for your routers and switches). However, here is a list of services you should look for on your network equipment and turn off if you are not actively using them:
Cisco Discovery Protocol (CDP)
TCP and UDP small servers
Finger server
HTTP server
Bootp server
Network Time Protocol (NTP) service
Simple Network Management Protocol (SNMP) services
Configuration auto-loading
IP source routing
Proxy ARP
IP directed broadcast
IP unreachable, redirects, and mask replies
Router name and DNS name resolution services
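
As a quick way to check a saved configuration against this list, the following added example (not code from this book) reports the state of the globally configured services. It assumes Cisco IOS-style command syntax; the `CHECKS` table, the function name `audit`, and the sample configuration are constructed for illustration. Per-interface settings such as proxy ARP and directed broadcast are out of scope here, and because defaults differ between software releases, a service with no matching line is reported as "default" rather than guessed.

```python
import re

# Assumed Cisco IOS-style global commands for services from the list above.
CHECKS = {
    "CDP": r"cdp run",
    "TCP small servers": r"service tcp-small-servers",
    "UDP small servers": r"service udp-small-servers",
    "Finger server": r"(?:ip finger|service finger)",
    "HTTP server": r"ip http server",
    "Bootp server": r"ip bootp server",
    "SNMP": r"snmp-server",
    "Configuration auto-loading": r"service config",
    "IP source routing": r"ip source-route",
    "DNS name resolution": r"ip domain[- ]lookup",
}

def audit(config_text):
    """Return {service: 'enabled' | 'disabled' | 'default'} for global commands."""
    state = {name: "default" for name in CHECKS}
    for raw in config_text.splitlines():
        # Skip blanks, comment lines and indented interface-level sub-commands.
        if not raw or raw[0].isspace() or raw.startswith("!"):
            continue
        line = raw.rstrip()
        for name, pat in CHECKS.items():
            if re.fullmatch(rf"no (?:{pat})", line):
                state[name] = "disabled"      # exact "no <command>" form
            elif re.match(rf"(?:{pat})(?:\s|$)", line):
                state[name] = "enabled"       # command present, with or without arguments
    return state

# Constructed sample configuration, not taken from a real device.
SAMPLE = """\
hostname edge-rtr-01
no service tcp-small-servers
no service udp-small-servers
service config
ip http server
no ip source-route
no ip bootp server
snmp-server community EXAMPLE-STRING RO
no ip domain-lookup
interface FastEthernet0/0
 no ip proxy-arp
"""

if __name__ == "__main__":
    for service, status in audit(SAMPLE).items():
        flag = "" if status == "disabled" else "  <-- review"
        print(f"{service:28} {status}{flag}")
```

Anything reported as "enabled" or "default" should be compared with what the device actually needs and with the platform's documented defaults.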