IEWB2 Lab8 Task 8.1 - ACL for Router Hardening

From: Nitro Drops (nitrodrops@hotmail.com)
Date: Wed Sep 17 2008 - 08:41:20 ART

• Next message: Luca Hall: "Re: OT - Banking"
• Previous message: Paul Cosgrove: "Re: OT - Banking"
• Next in thread: gopal.x.gupta@jpmorgan.com: "Re: IEWB2 Lab8 Task 8.1 - ACL for Router Hardening"
• Maybe reply: gopal.x.gupta@jpmorgan.com: "Re: IEWB2 Lab8 Task 8.1 - ACL for Router Hardening"
• Maybe reply: Steve Means: "RE: IEWB2 Lab8 Task 8.1 - ACL for Router Hardening"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

When viewing the COD, instructors always emphasize the followings for ACL
- where is the source and destination?
- be as specific for ACL

For this Task, it is requesting to drop all HTTP/ TELNET/ ECHO requests from
BB2 and BB3

SG's ACL is as follows
deny tcp any 174.1.0.0 0.0.255.255 eq www
deny tcp any 174.1.0.0 0.0.255.255 eq telnet

Shouldnt the answer be more specific to make the source to match BB3 and BB2's
interfaces?

deny tcp host 204.12.1.254 174.1.0.0 0.0.255.255 eq www
deny tcp host 204.12.1.254 174.1.0.0 0.0.255.255 eq telnet
deny tcp host 192.10.1.254 174.1.0.0 0.0.255.255 eq www
deny tcp host 192.10.1.254 174.1.0.0 0.0.255.255 eq telnet

Cheers
Nit

• Next message: Luca Hall: "Re: OT - Banking"
• Previous message: Paul Cosgrove: "Re: OT - Banking"
• Next in thread: gopal.x.gupta@jpmorgan.com: "Re: IEWB2 Lab8 Task 8.1 - ACL for Router Hardening"
• Maybe reply: gopal.x.gupta@jpmorgan.com: "Re: IEWB2 Lab8 Task 8.1 - ACL for Router Hardening"
• Maybe reply: Steve Means: "RE: IEWB2 Lab8 Task 8.1 - ACL for Router Hardening"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Oct 04 2008 - 09:26:18 ART