Re: IEWB Lab13 Vol 2 - Task 7.1

From: Darby Weaver (ccie.weaver@gmail.com)
Date: Thu Jan 29 2009 - 00:44:53 ARST

• Next message: Azmat Marwat: "CCIE VOICE lab vendors"
• Previous message: Darby Weaver: "Re: Bootcamps and Vendors"
• Maybe in reply to: Sharma, Praveen: "IEWB Lab13 Vol 2 - Task 7.1"
• Next in thread: Jared Scrivener: "RE: IEWB Lab13 Vol 2 - Task 7.1"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Good point Jared! Scott confirms it later.

No ip unreachables was the first thing that comes to my mind too.

But what if were taken off the table.

And Cisco has published a book on the Control Plan Security - I'd guess it's
in our best interest to read it. I own it and have not yet. Ouch!

But it looks like Jared might have. Kudos!

On 1/28/09, Jared Scrivener <jscrivener@ipexpert.com> wrote:
>
> Hey Praveen,
>
> I'm not familiar with IE's labs, but generally if you see a reference to
> "silently discarding packets" you are probably being directed to use
> control-plane policing with the silent discard feature. This is enabled
> automatically if you are using outbound control-plane policing.
>
> Silent discarding is generally used to ensure that messages aren't being
> sent back to the sender of denied packets. This is done to help avoid
> network reconnaissance attacks.
>
> Without seeing the specific question, that's the best suggestion I can
> offer.
>
> Cheers,
>
> Jared Scrivener CCIE3 #16983 (R&S, Security, SP), CISSP
> Technical Instructor - IPexpert, Inc.
> Telephone: +1.810.326.1444
> Fax: +1.810.454.0130
> Mailto: jscrivener@ipexpert.com
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Sharma, Praveen
> Sent: Wednesday, 28 January 2009 4:17 PM
> To: ccielab@groupstudy.com
> Subject: IEWB Lab13 Vol 2 - Task 7.1
>
> Hi GS,
>
> I got confused with this statement in access-list example
>
> "Silently Discard packet that denied".
>
>
> To be more specific it is Vol II 4.1 Lab 13 7.1.
>
> Thanks
> Praveen
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net

• Next message: Azmat Marwat: "CCIE VOICE lab vendors"
• Previous message: Darby Weaver: "Re: Bootcamps and Vendors"
• Maybe in reply to: Sharma, Praveen: "IEWB Lab13 Vol 2 - Task 7.1"
• Next in thread: Jared Scrivener: "RE: IEWB Lab13 Vol 2 - Task 7.1"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:43:40 ARST