From: ccie2be (ccie2be@nyc.rr.com)
Date: Mon Nov 15 2004 - 08:41:49 GMT-3
Which lab? task?
----- Original Message -----
From: "John Matus" <jmatus@pacbell.net>
To: "marc van hoof" <mvh@marcvanhoof.com>; "ccie2be" <ccie2be@nyc.rr.com>
Cc: "lab" <ccielab@groupstudy.com>
Sent: Monday, November 15, 2004 1:29 AM
Subject: Re: smtp flow
> yes, that was my initial thinking, however internetwork experts had it
> ass-backwards in their solution guide and i just wanted to make sure i was
> correct <and they had a typo>
>
>
> Regards,
>
> John D. Matus
> MCSE, CCNP
> Office: 818-782-2061
> Cell: 818-430-8372
> jmatus@pacbell.net
> ----- Original Message -----
> From: "marc van hoof" <mvh@marcvanhoof.com>
> To: "ccie2be" <ccie2be@nyc.rr.com>
> Cc: "John Matus" <jmatus@pacbell.net>; "lab" <ccielab@groupstudy.com>
> Sent: Sunday, November 14, 2004 8:50 PM
> Subject: Re: smtp flow
>
>
> > oh, and to answer the question, i would probably go with:
> >
> > deny tcp any eq smtp any
> >
> > given that you have to look at the terms "server" and "client" from the
> > perspective of the transaction, rather than the functions of the
> > hardware...
> >
> > in a traditional transaction, a client will be the originator of a
> > session, and the server will be the recipient...
> >
> > so PC 1 creates a tcp connection from some random source port to another
> > computer on port 25... in this transaction, i'd interpret that as the
> > "server"
> >
> > to block the return traffic, you need to stop it flowing from the "server"
> > on port 25 to the client's variable port, hence it must be unspecified in
> > the acl.
> >
> > the definition of "server" and "client" are something you could probably
> > ask the proctor though - just to clarify your understanding of the
> > question. "proctor - should we assume that the client is the originator of
> > the connection - i'm a bit confused because smtp is often used between
> > mail servers"...
> >
> > -marc (#13832)
> >
> > On Sun, 14 Nov 2004, ccie2be wrote:
> >
> >> John,
> >>
> >> I don't know the answer for sure. But, in the lab, if something like that
> >> comes and the wording of the task didn't forbid it, what I would do is use
> >> both. You don't lose points for extra config commands which aren't needed as
> >> long as the extra commands don't break or violate anything else.
> >>
> >> If one of those entries is the right entry but you don't know which one and
> >> just guess, you've got a 50% chance of being right. If you put in both
> >> entries and the wrong entry does no harm, you've increased your odds to
> >> 100%.
> >>
> >> FYI, smtp is usually not used between a server and a client. Usually, it's
> >> something like pop, (or imap?).
> >>
> >> HTH, Tim
> >> ----- Original Message -----
> >> From: "John Matus" <jmatus@pacbell.net>
> >> To: "lab" <ccielab@groupstudy.com>
> >> Sent: Sunday, November 14, 2004 10:09 PM
> >> Subject: smtp flow
> >>
> >>
> >>> if you are writing an acl that is denying a smtp flow from a server to a
> >>> client would it be:
> >>>
> >>> deny tcp any eq smtp any?..........(or deny tcp any any eq smtp)?
> >>>
> >>>
> >>> Regards,
> >>>
> >>> John D. Matus
> >>> MCSE, CCNP
> >>> Office: 818-782-2061
> >>> Cell: 818-430-8372
> >>> jmatus@pacbell.net
> >>>
> >>>
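
Added example, not part of any message in this thread: a small first-match evaluator for the two candidate entries, run against both directions of one constructed SMTP session. It assumes the ACL sees every packet of the session regardless of interface direction; the parser handles only the `tcp any [eq port] any [eq port]` form, and the client port 49152 and all helper names are illustrative.

```python
# Added example (not from the thread): first-match evaluation of the two
# candidate entries against both directions of one SMTP session.
from typing import NamedTuple, Optional

PORT_NAMES = {"smtp": 25}

class Entry(NamedTuple):
    action: str
    src_port: Optional[int]   # None = no port test on the source
    dst_port: Optional[int]   # None = no port test on the destination

def parse_entry(line: str) -> Entry:
    """Parse '<permit|deny> tcp any [eq PORT] any [eq PORT]' only."""
    tok = line.split()
    if len(tok) < 4 or tok[0] not in ("permit", "deny") or tok[1] != "tcp":
        raise ValueError(f"unsupported entry: {line!r}")
    i, ports = 2, []
    for _ in range(2):                      # source spec, then destination spec
        if i >= len(tok) or tok[i] != "any":
            raise ValueError(f"unsupported entry: {line!r}")
        i += 1
        if i + 1 < len(tok) and tok[i] == "eq":
            name = tok[i + 1]
            ports.append(PORT_NAMES[name] if name in PORT_NAMES else int(name))
            i += 2
        else:
            ports.append(None)
    if i != len(tok):
        raise ValueError(f"trailing tokens in: {line!r}")
    return Entry(tok[0], ports[0], ports[1])

def evaluate(acl, src_port, dst_port):
    """Return the action of the first matching entry; implicit deny at the end."""
    for e in acl:
        if e.src_port in (None, src_port) and e.dst_port in (None, dst_port):
            return e.action
    return "deny"

# Constructed session: client on ephemeral port 49152, server on tcp/25.
SESSION = {"client->server": (49152, 25), "server->client": (25, 49152)}

def blocked_directions(deny_lines):
    """Directions denied when the given entries precede 'permit tcp any any'."""
    acl = [parse_entry(l) for l in deny_lines] + [parse_entry("permit tcp any any")]
    return [d for d, (sp, dp) in SESSION.items() if evaluate(acl, sp, dp) == "deny"]

if __name__ == "__main__":
    for lines in (["deny tcp any eq smtp any"], ["deny tcp any any eq smtp"]):
        print(lines, "->", blocked_directions(lines))
```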