Details
Disable the Bootstrap Protocol (BOOTP) service on your routing device.
Rationale:
BOOTP allows a router to issue IP addresses. Disable it unless there is a specific requirement for it.
Impact:
To reduce the risk of unauthorized access, organizations should implement a security policy restricting network protocols and explicitly require disabling all insecure or unnecessary protocols such as ‘ip bootp server’.
Solution
Disable the bootp server.
hostname(config)#ip dhcp bootp ignore
Default Value:
Enabled
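One way to audit this control against saved running-config text, as an added example that is not part of the original control text: because the default is Enabled, it passes only when the remediation line appears in global configuration. The function name, hostnames and sample configurations are constructed for illustration.

```python
import re

REQUIRED = "ip dhcp bootp ignore"  # remediation command given on this page


def audit_bootp(running_config: str) -> dict:
    """Audit one saved running-config for the BOOTP control.

    The default is Enabled, so the control passes only when the remediation
    line is present at global level (an unindented line). Every other line
    that mentions bootp is returned as evidence for the reviewer.
    """
    evidence = []
    compliant = False
    for number, raw in enumerate(running_config.splitlines(), start=1):
        line = raw.rstrip()
        if not line or line.lstrip().startswith("!"):
            continue  # blank lines and IOS comment/separator lines
        if not re.search(r"\bbootp\b", line, re.IGNORECASE):
            continue
        evidence.append((number, line))
        # Indented lines belong to a sub-mode (interface, pool), not global config.
        is_global = not line[0].isspace()
        if is_global and " ".join(line.lower().split()) == REQUIRED:
            compliant = True
    return {"status": "PASS" if compliant else "FAIL", "evidence": evidence}


# Constructed sample configurations (hypothetical hostnames, documentation addresses).
HARDENED = (
    "hostname edge-rtr-01\n!\nip dhcp bootp ignore\n!\n"
    "interface GigabitEthernet0/0\n ip address 192.0.2.1 255.255.255.0\n"
)
DEFAULT = (
    "hostname edge-rtr-02\n!\n"
    "interface GigabitEthernet0/0\n ip address 192.0.2.2 255.255.255.0\n"
)
# Commented-out remediation plus an explicit negation, with CRLF line endings.
NEGATED = "hostname edge-rtr-03\r\n! ip dhcp bootp ignore\r\nno ip dhcp bootp ignore\r\n"

if __name__ == "__main__":
    for name, cfg in (("hardened", HARDENED), ("default", DEFAULT), ("negated", NEGATED)):
        result = audit_bootp(cfg)
        print(f"{name}: {result['status']} {result['evidence']}")
```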
Supportive Information
This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity. This control applies to the following type of system: Cisco.