From: Russell Lusignan (rlusignan@xxxxxxxxxx)
Date: Mon Mar 11 2002 - 04:21:52 GMT-3
> Hey guys, I am a little confused on Section VII for the funky
> access-list. The question states:
>
> Write a filter to block data from the following sources:
> 1: Deny FTP, HTTP from 131.24.194.x
> 2: Deny FTP, HTTP from 131.25.194.x
> 3: Deny FTP, HTTP from 135.152.1.1
> 4: Deny FTP, HTTP from 131.24.195.x
> 5: Deny FTP, HTTP from 131.24.193.x
>
> The content was modified with the errata from the Darth Reid solution
> PDF file. My access-list looks like this:
>
> Extended IP access-list darth
> deny tcp 131.24.0.0 4.129.195.255 any range ftp-data ftp
> deny tcp 131.24.0.0 4.129.195.255 any eq 80
> permit tcp any any
>
> What I did was write out all the address in binary and then set the
> wildcard bits based on the bits that changed in each of the addresses,
> needless to say my solution differs from the actual lab answer, but I
> still believe that my access-list will meet the requirements of the
> question.
>
> It looks like even though the errata says to "delete line with IP
> address 227.24.194.x" their solution still takes that address into
> consideration for the wildcard bits, can anyone comment on this?
>
> -Russ
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:56:59 GMT-3