Information
When you want to allow only an outgoing connection on a line, use the no exec command.
Unused ports should be disabled, if not required, since they provide a potential access path for attackers. Some devices include both an auxiliary and console port that can be used to locally connect to and configure the device. The console port is normally the primary port used to configure the device; even when remote, backup administration is required via console server or Keyboard, Video, Mouse (KVM) hardware. The auxiliary port is primarily used for dial-up administration via an external modem; instead, use other available methods.
Solution
Disable the inbound connections on the auxiliary port.
hostname(config)#line aux 0
hostname(config-line)#transport input none
Impact:
Organizations should prevent all unauthorized access of auxiliary ports by disabling all protocols using the 'transport input none' command.