Re: Securing Telnet access

From: ccie2be (ccie2be@nyc.rr.com)
Date: Sun Oct 31 2004 - 08:24:57 GMT-3

• Next message: ccie: "exchange seats in brussel"
• Previous message: M. Mohan: "Help: Problem seeing the CCIE Security Lab Archives"
• Maybe in reply to: ccie2be: "Securing Telnet access"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Very, very good point. Thank you

----- Original Message -----
From: "Steve Connolly" <sconnolly@aisnets.com>
To: "ccie2be" <ccie2be@nyc.rr.com>
Cc: <ccielab@groupstudy.com>
Sent: Saturday, October 30, 2004 11:29 PM
Subject: RE: Securing Telnet access

Using method 1, not only will you block telnet traffic that is destined
for the router, you will also block any telnet traffic that is
traversing the router.

Method 2 will only effect telnet sessions into the router it is applied
on.

Stephen Connolly
Network Engineer
Applied Information Systems
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
ccie2be
Sent: Saturday, October 30, 2004 8:41 AM
To: Group Study
Subject: Securing Telnet access

Hi guys,

What's the a difference or benefit to securing telnet access between
these 2
methods?

Method 1

Applying a deny telnet acl to all the physical interfaces

Method 2

Applying a deny telnet acl to line vty 0 4

To me, the only difference I can see is that with method 1, I would need
to
type (or cut and paste) a bit more. Besides that, is there anything
else or
would either method be considered equally suitable?

TIA, Tim

• Next message: ccie: "exchange seats in brussel"
• Previous message: M. Mohan: "Help: Problem seeing the CCIE Security Lab Archives"
• Maybe in reply to: ccie2be: "Securing Telnet access"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Nov 06 2004 - 17:11:55 GMT-3