RE: Web Traffic

From: Michael Zuo (mzuo@ixiacom.com)
Date: Tue Sep 19 2006 - 21:03:40 ART

• Next message: Brian Dennis: "RE: TCL script"
• Previous message: Michael Zuo: "RE: Traffic Policing"
• Maybe in reply to: Dennis Morgan: "Web Traffic"
• Next in thread: Darby Weaver: "RE: Web Traffic"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Thanks Brian :)

I am exactly that kind of person ... I will keep that in mind...

-----Original Message-----
From: Brian Dennis [mailto:bdennis@internetworkexpert.com]
Sent: Tuesday, September 19, 2006 5:00 PM
To: Michael Zuo; Sean C.; Dennis Morgan; Cisco certification
Subject: RE: Web Traffic

You are trying to outthink the question. Web traffic is port 80 unless
otherwise specified. Don't complicate the task.

People who outthink the CCIE lab usually don't pass on their 1st or 2nd
try. It usually takes them a few tries before they stop complicating
the lab. In fact I knew a guy who asked me this exact same question and
he took the lab about 8 or 9 times before passing.

HTH,
 
Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
bdennis@internetworkexpert.com
 
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987
Direct: 775-745-6404 (Outside the US and Canada)

 
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Michael Zuo
Sent: Tuesday, September 19, 2006 4:12 PM
To: Sean C.; Dennis Morgan; Cisco certification
Subject: RE: Web Traffic

I have a related question:

If the question asks me to disallow outgoing www traffic, should I
disallow traffic to port 443 and 8080 in addition to port 80? (assuming
the proctor will not tell me one way or the other?)

This is something I am not sure whether I will get penalized for the
"ambiguity" in the question...

Would appreciate comments from anyone that has experience with this in a
lab test situation...

thanks

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Sean C.
Sent: Wednesday, September 13, 2006 9:14 PM
To: Dennis Morgan; Cisco certification
Subject: Re: Web Traffic

Hi Dennis,

Very ambiguous question, but it really depends on if you're blocking
traffic
from a client to a web server or traffic from the web server to the
client.

I'll go out on a verrrrrry long limb, and 'assume' you're blocking
traffic
to a web server (TCP port 80) that is from a client. If so, if
everything
is 'default', your first choice would be correct.
If you're protecting traffic that is from a web server going to a
client,
again assuming the 'defaults', I'd look at solution #2.

Again, the question is so vague, I don't feel comfortable offering a
definitive answer. At the risk of being flamed on this board, I'll at
least
offer the above notes.

Hope all is well,
Sean
----- Original Message -----
From: "Dennis Morgan" <dennis3organ@gmail.com>
To: "Cisco certification" <ccielab@groupstudy.com>
Sent: Wednesday, September 13, 2006 12:08 PM
Subject: Web Traffic

Hey Group,

One of the task that I have says that do not permit www traffic in
How this access-list should look like ?
permit tcp any any eq www
or
permit tcp any eq www any

Many thanks for your feedback

Dennis Morgan

• Next message: Brian Dennis: "RE: TCL script"
• Previous message: Michael Zuo: "RE: Traffic Policing"
• Maybe in reply to: Dennis Morgan: "Web Traffic"
• Next in thread: Darby Weaver: "RE: Web Traffic"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Oct 01 2006 - 16:55:41 ART