From: gopal.x.gupta@jpmorgan.com
Date: Wed Sep 17 2008 - 09:21:42 ART
How can you make sure that the traffic coming from BB2 and BB3 will always
have only this Source addres i.e. 204.12.1.254 , 192.10.1.254.....It could
be any Ip address sourcing telnet/Web Traffic from BB2 and BB3.
HTH
Gops
Nitro Drops <nitrodrops@hotmail.com>
Sent by: nobody@groupstudy.com
09/17/2008 05:11 PM
Please respond to
Nitro Drops <nitrodrops@hotmail.com>
To
<ccielab@groupstudy.com>
cc
Subject
IEWB2 Lab8 Task 8.1 - ACL for Router Hardening
When viewing the COD, instructors always emphasize the followings for ACL
- where is the source and destination?
- be as specific for ACL
For this Task, it is requesting to drop all HTTP/ TELNET/ ECHO requests
from
BB2 and BB3
SG's ACL is as follows
deny tcp any 174.1.0.0 0.0.255.255 eq www
deny tcp any 174.1.0.0 0.0.255.255 eq telnet
Shouldnt the answer be more specific to make the source to match BB3 and
BB2's
interfaces?
deny tcp host 204.12.1.254 174.1.0.0 0.0.255.255 eq www
deny tcp host 204.12.1.254 174.1.0.0 0.0.255.255 eq telnet
deny tcp host 192.10.1.254 174.1.0.0 0.0.255.255 eq www
deny tcp host 192.10.1.254 174.1.0.0 0.0.255.255 eq telnet
Cheers
Nit
This archive was generated by hypermail 2.1.4 : Sat Oct 04 2008 - 09:26:18 ART