Disable or turn off CDP on Cisco switches
Contributed by CISSP06 
Tagged: Cisco switch Cisco Discover Protocol or CDP is a Cisco-proprietary protocol that runs on all Cisco products. CDP allows devices to learn about neighboring devices (the ones attached directly to the switch) including information about their platform, IP address, the version of IOS or other OS, VLAN membership, etc. This can be helpful information when troubleshooting network issues, it can also provide an attacker valuable information about the layout of your network. Other vulnerabilities include a denial of service attack in which CDP packets are generated, flooding the network. If you want to know how to turn off CDP, read on.
To disable CDP on the entire switch, use the ‘no cdp run’ command from enable mode:
conf t
no cdp run
CDP can also be disabled on specific ports. To disable CDP on FastEthernet0/3, use these commands from enable mode:
conf t
int faste0/3
no cdp enable
Be sure to save those settings! In my practice, I turn on CDP when I need it, then disable it when I’m done. In general, I’m opposed to things that constantly generate traffic on the network, regardless of how little, when I don’t constantly benefit from that traffic.
You may also like -
Configure On-Demand Routing (ODR) on Cisco routers
How to Determine Which Switch and Port You are Connected To
Configure IGRP routing on a Cisco router
Protect against unauthorized switches
Serial Point-to-Point Encapsulation Explained
Show a summary of a Cisco router interfaces
Configuring OSPF on a Cisco router
Enable Cisco Password Encryption
ppscslv said on October 8, 2011
thanks! yesterday I wrong disabled cdp on a router at ccna security practice exam. I shoud disable it on an interface, not on entire router..