From: Chris Allen (chris.allen@xxxxxxxxxxxx)
Date: Tue Jun 12 2001 - 14:44:06 GMT-3
It doesn't matter if TFTP switches to higher ports! As long as you can never
initiate the conversation which would be on port 69, there will never be a
tftp transfer.
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Dean, Justin
Sent: Tuesday, June 12, 2001 1:21 PM
To: 'ccielab@groupstudy.com'
Subject: RE: Access-list - Deny TFTP
I could of swore there was a bit of a trick in there because of the way tftp
changes to high ports after being established. If I can remember correctly
it became an issue when the requirements say something like: allow tftp from
network X and block everything else ..let me know if I am just way off
here. Thanks,
justin
-----Original Message-----
From: louie kouncar [mailto:lkouncar@UU.NET]
Sent: Tuesday, June 12, 2001 10:03 AM
To: 'Dean, Justin'; ccielab@groupstudy.com
Subject: RE: Access-list - Deny TFTP
Well,
TFTP uses UDP so you need the following:
access-list 101 deny udp any any eq tftp
Hope that helps...
Louie J. Kouncar
TCO3 Senior Data Center Engineer
WorldCom Web Hosting (Tysons)
W-703-343-6645
C-703-304-2460
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Dean, Justin
Sent: Tuesday, June 12, 2001 12:34 PM
To: 'ccielab@groupstudy.com'
Subject: Access-list - Deny TFTP
I am drawing a blank and I can't remember the proper way to block TFTP in an
access list. Can someone help me out. Thanks,
Justin
**Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:31:23 GMT-3