Thanks Joe
Nick
GREENNET
Lat: 41043'25.46"N
Long: 44045'45.60"E
On Wed, Jul 1, 2009 at 2:09 AM, Joe Astorino <jastorino_at_ipexpert.com> wrote:
> Nick,
>
>
>
> Yes, thanks for pointing that out. You are right.
>
>
>
> Regards,
>
> Joe Astorino
> CCIE #24347 (R&S)
> Sr. Support Engineer � IPexpert, Inc.
> URL: http://www.IPexpert.com
>
>
> *From:* nickda_at_gmail.com [mailto:nickda_at_gmail.com] *On Behalf Of *Nicholas
> Davitashvili
> *Sent:* Tuesday, June 30, 2009 5:55 PM
>
> *To:* Joe Astorino
> *Cc:* Anthony Sequeira; Mohamed El Henawy; ccie groupstudy
> *Subject:* Re: OSPF Question...other devices in LAN cant intercept
> communicatio bet 2 neighbors
>
>
>
> Joe,
>
> I don't mean passwords. I mean the payload of ospf packet (routes, area
> IDs, FA, etc.).
> Thus if we intercept the OSPF packet, we'll manage to read the contents of
> it, but we can't spoof the hash since we don't know the actual password.
>
> Nick
> GREENNET
> Lat: 41043'25.46"N
> Long: 44045'45.60"E
>
> On Wed, Jul 1, 2009 at 1:52 AM, Joe Astorino <jastorino_at_ipexpert.com>
> wrote:
>
> Nicholas,
>
>
>
> Not as far as I know. MD5 will only send hash across the network, not any
> actual passwords
>
>
>
> Regards,
>
> Joe Astorino
> CCIE #24347 (R&S)
> Sr. Support Engineer � IPexpert, Inc.
> URL: http://www.IPexpert.com
>
>
> *From:* nickda_at_gmail.com [mailto:nickda_at_gmail.com] *On Behalf Of *Nicholas
> Davitashvili
> *Sent:* Tuesday, June 30, 2009 5:49 PM
> *To:* Joe Astorino
> *Cc:* Anthony Sequeira; Mohamed El Henawy; ccie groupstudy
>
>
> *Subject:* Re: OSPF Question...other devices in LAN cant intercept
> communicatio bet 2 neighbors
>
>
>
> Joe,
>
> I was under impression that md5 authentication will not prevent us from
> actually reading the payload as it is authenticated, but not encrypted.
>
> Please correct me if I'm wrong.
>
> Nick
> GREENNET
> Lat: 41043'25.46"N
> Long: 44045'45.60"E
>
> On Wed, Jul 1, 2009 at 1:40 AM, Mohamed El Henawy <m.henawy_at_link.net>
> wrote:
>
> Thanks Anthony ,Joe
>
> perhaps I went too far with my thinking for this question ( Technology labs
> made me think of a lot of options ) it was more simple than that but the
> point about asking the proctor is very good ..hope they will be answering
:)
> and your are correct Joe..read data and intercept it are different and I
> don't think the proctor will spend any minutes thinking about the
difference
> bet the 2 words
> even though I'm officially lost the points for this question but still I'm
> comfortable...some how in real life I would have put the pwd...still ..I
> know very well I study for the exam not for real life
> Anyway...Thanks a lot for your reply so much appreciated really
>
>
>
> ----- Original Message ----- From: "Anthony Sequeira" <asequeira_at_ine.com>
> To: "Mohamed El Henawy" <m.henawy_at_link.net>
> Cc: "ccie groupstudy" <ccielab_at_groupstudy.com>
> Sent: Wednesday, July 01, 2009 12:29 AM
> Subject: Re: OSPF Question...other devices in LAN cant intercept
> communicatio bet 2 neighbors
>
>
>
> Hi Mohamed!
>
> Your solution is not strange at all. You are thinking OSPF security and
> that is an excellent thing.
>
> In the actual exam, you need to read very, very carefully to determine the
> tool or strategy the proctors are looking/grading for. When in doubt, go
to
> them and explain your reasoning for choosing one tool over another and see
> if they can provide some guidance. If we had wanted OSPF authentication in
> the task, you would have noticed that we would have hinted at what
> kind...null, clear text, MD5. Notice that we tend to hint, not come right
> out and dictate it.
>
> What is most important as you go through our training is that you continue
> to practice task interpretation and master all of the options that exist
for
> solving a particular task. The actual lab will be sure to challenge your
> problem solving skills...and sometimes requires quite a bit of creativity.
>
> Congratulations on your journey - enjoy every minute!
>
> Warmest Regards,
>
> Anthony J. Sequeira, CCIE #15626
> http://www.INE.com
>
>
>
>
>
> On Jun 30, 2009, at 5:05 PM, Mohamed El Henawy wrote:
>
> Hello Group ,
>
> hope someone can guide me here
>
> I started doing my 1st IE Workbook2
>
> there is this question OSPF bet 2 routers in same LAN , question asking
> ensure that host devices running ospf on the segment cant intercept the
> ospf
> communication bet the 2 routers...i put authentication under the interface
> and
> the answer was with neighbor command..pretty simple
>
> my question is....wouldn't having pwd would make the traffic cant be
> intercepted ??...
>
> i don't know why I think of such strange solutions....i'm not even that
> expert
>
>
> Thanks .
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
> Checked by AVG - www.avg.com
>
>
> Version: 8.5.375 / Virus Database: 270.13.0/2210 - Release Date: 06/30/09
> 06:10:00
>
>
>
> Checked by AVG - www.avg.com
> Version: 8.5.375 / Virus Database: 270.13.0/2210 - Release Date: 06/30/09
> 06:10:00
Blogs and organic groups at http://www.ccie.net
Received on Wed Jul 01 2009 - 02:11:42 ART