RE: security question.

From: Church, Chuck (cchurch@xxxxxxxx)
Date: Mon May 06 2002 - 10:02:55 GMT-3

• Next message: Carlos G Mendioroz: "Re: ospf virtual link"
• Previous message: Don Dettmore: "Re: ipx sap-incremental eigrp autonomous-system-number rsup-only"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Kenny,
        
        Typically an ACL only applies to the initial segment of a fragmented
datagram. The remaining fragments usually aren't checked. A new IOS
feature corrects this default behavior. Check out:

http://www.cisco.com/warp/public/105/acl_wp.html

        It's router based, but the principal still applies.

Chuck Church
Sr. Network Engineer
CCIE #8776, MCNE, MCSE
US Tennis Association
70 W. Red Oak Lane
White Plains, NY 10604
914-696-7199

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
lcf1943
Sent: Monday, May 06, 2002 6:52 PM
To: ccielab@groupstudy.com
Subject: OT: security question.

Hi all,

I was reading some pix material and come across this.

"Packets can pass through the filter by being fragmented."

I am sorry for my ignorance but what does that mean?
Many thanks.

Kenny

• Next message: Carlos G Mendioroz: "Re: ospf virtual link"
• Previous message: Don Dettmore: "Re: ipx sap-incremental eigrp autonomous-system-number rsup-only"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:58:51 GMT-3