TCP Intercept (Preventing Denial-of-Service Attacks)

From: tunde omotosho (tundeomot@yahoo.com)
Date: Thu Sep 06 2007 - 05:46:53 ART


Mates,

in configuring TCP intercept.

From the DOC CD: The following configuration defines extended IP access list 101, causing the software to intercept packets for all TCP servers on the 192.168.1.0/24 subnet:

ip tcp intercept list 101
!
access-list 101 permit tcp any 192.168.1.0 0.0.0.255

I noticed further that the source must always be any since the source of the attack is not known.

I saw a solution in a workbook where a subnet within the ip domain of the workbook is used as the source in the access-list, even when the question said attack from the internet.

Please correct me if I am wrong or the workbook is right?
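
Added example (not part of the original post or the Cisco documentation): a small Python model of how an extended ACL with wildcard masks selects the TCP packets that `ip tcp intercept list 101` would act on. The narrower ACL's source subnet 10.1.1.0/24 and all sample addresses are constructed for illustration; only `permit`/`deny tcp` entries without port operators are handled.

```python
import ipaddress

def wildcard_match(addr, base, wildcard):
    """Cisco-style wildcard match: bits set in the wildcard are ignored."""
    a = int(ipaddress.IPv4Address(addr))
    b = int(ipaddress.IPv4Address(base))
    w = int(ipaddress.IPv4Address(wildcard))
    return (a | w) == (b | w)

def parse_ace(line):
    """Parse 'access-list N permit|deny tcp <src> <dst>' into (action, src, dst)."""
    tok = line.split()
    if len(tok) < 6 or tok[0] != "access-list" or tok[3] != "tcp":
        raise ValueError("unsupported entry: " + line)
    action, rest, specs = tok[2], tok[4:], []
    while rest:
        if rest[0] == "any":            # any == 0.0.0.0 255.255.255.255
            specs.append(("0.0.0.0", "255.255.255.255"))
            rest = rest[1:]
        elif rest[0] == "host":         # host A == A 0.0.0.0
            specs.append((rest[1], "0.0.0.0"))
            rest = rest[2:]
        else:                           # explicit address + wildcard mask
            specs.append((rest[0], rest[1]))
            rest = rest[2:]
    if len(specs) != 2:
        raise ValueError("expected source and destination: " + line)
    return action, specs[0], specs[1]

def intercepted(acl_lines, src, dst):
    """First matching entry decides; no match means implicit deny."""
    for line in acl_lines:
        action, s, d = parse_ace(line)
        if wildcard_match(src, *s) and wildcard_match(dst, *d):
            return action == "permit"
    return False

# ACL quoted in the post (source "any").
DOC_CD_ACL = ["access-list 101 permit tcp any 192.168.1.0 0.0.0.255"]
# Constructed variant with a specific source subnet (hypothetical values).
NARROW_ACL = ["access-list 101 permit tcp 10.1.1.0 0.0.0.255 192.168.1.0 0.0.0.255"]

if __name__ == "__main__":
    # Constructed (source, destination) pairs for incoming SYNs.
    syns = [("203.0.113.7", "192.168.1.10"), ("10.1.1.5", "192.168.1.10"),
            ("203.0.113.7", "192.168.2.10")]
    for src, dst in syns:
        print(src, "->", dst, "| source any:", intercepted(DOC_CD_ACL, src, dst),
              "| source 10.1.1.0/24:", intercepted(NARROW_ACL, src, dst))
```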
   

       



This archive was generated by hypermail 2.1.4 : Sat Oct 06 2007 - 12:01:09 ART