Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-25-2018 02:15 PM
Hello, we have a requirement to have TFTP disabled on our switch... Is this possible? If so what commands can I run?
Solved! Go to Solution.
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-16-2019 06:54 AM
Hi Adam,
TFTP is executed under the inetd process. TFTPd is disabled by default on higher releases (6.x+) which the 6720 does not support. IPfilter is not needed to block this.
Please do the following to disable tftpd. A reload will be needed to take effect.
The below will do the following:
### After switch boots up ###
TFTP is executed under the inetd process. TFTPd is disabled by default on higher releases (6.x+) which the 6720 does not support. IPfilter is not needed to block this.
Please do the following to disable tftpd. A reload will be needed to take effect.
The below will do the following:
- take back up of inetd.conf
- comment out tftpd in inetd.conf and put in new file via sed
- overwrite inetd.conf with update file
- copy inetd.conf to 2nd partition in case of partition swap in the future
- reload switch
code:
sw0# unhide foscmd
Password: ******** (fibranne)
sw0# fos bash | no
sw0:root> netstat -anp | grep :69
udp 0 0 0.0.0.0:69 0.0.0.0:* 1295/inetd
sw0:root> cat /etc/inetd.conf | grep tftpd
tftp dgram udp wait nobody /usr/sbin/in.tftpd in.tftpd /tftpboot
bash-2.04# cp /etc/inetd.conf /etc/inetd.conf.bak
bash-2.04# cp /mnt/etc/inetd.conf /mnt/etc/inetd.conf.bak
bash-2.04# sed -e 's/^tftp/#tftp/' /etc/inetd.conf > /etc/inetd.conf.new
bash-2.04# cp /etc/inetd.conf.new /etc/inetd.conf
bash-2.04# grep tftp /etc/inetd.conf
#tftp dgram udp wait nobody /usr/sbin/in.tftpd in.tftpd /tftpboot
bash-2.04# cp /etc/inetd.conf /mnt/etc/inetd.conf
bash-2.04# exit
exit
sw0# reload system
### After switch boots up ###
code:
sw0# unhide foscmd
Password: ******** (fibranne)
sw0# fos bash | no
bash-2.04# netstat -anp | grep :69
bash-2.04#
25 REPLIES 25
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-14-2019 08:15 PM
Im not exactly sure how to see which on tftp is using. SSH is enabled and Tenet is disabled.
# sh vrf - shows nothing.
# sh vrf - shows nothing.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-14-2019 08:13 PM
was tftp using telnet or ssh
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-14-2019 08:12 PM
I cannot access that link from the other network.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-14-2019 08:11 PM
Would like to be able to disable the TFTP daemon....
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-14-2019 08:11 PM
if you click on the link for the live session, we can share the session.
You can login to show me … the link is above, session is still open for the next 30 min.
You can login to show me … the link is above, session is still open for the next 30 min.
