RE: Preventing rogue hosts from intercepting rip packets

From: Shaikh, Nasir (Nasir.Shaikh@atosorigin.com)
Date: Thu May 05 2005 - 15:28:15 GMT-3

• Next message: John Matus: "dot1x port authentication"
• Previous message: Brian McGahan: "RE: ospf protocol number"
• Maybe in reply to: ccie2be: "Preventing rogue hosts from intercepting rip packets"
• Next in thread: Edwards, Andrew M: "RE: Preventing rogue hosts from intercepting rip packets"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Tim,
I believe the requirement is asking for authentication. So method 1 (I guess you mean passive interface) does not suffice.
I would go for method 2
and if the requirements of the task allow then combine method 1 and 2

greetz
Nash

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
ccie2be
Sent: donderdag 5 mei 2005 16:00
To: Group Study
Subject: Preventing rogue hosts from intercepting rip packets

Hi guys,
 
To achieve the above requirement which method do you think is better? If
you think one method is better than another, do you also think the less
preferred method would be considered wrong in the lab?
 
Method 1
 
use default interface and neighbor combo or
 
Method 2
 
use authentication on the links involved or
 
Method 3
 
Use both Method 1 and Method 2
 
TIA, Tim

• Next message: John Matus: "dot1x port authentication"
• Previous message: Brian McGahan: "RE: ospf protocol number"
• Maybe in reply to: ccie2be: "Preventing rogue hosts from intercepting rip packets"
• Next in thread: Edwards, Andrew M: "RE: Preventing rogue hosts from intercepting rip packets"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Jun 03 2005 - 10:11:56 GMT-3