Kewl - I've heard CCIE instructors state that since Null authentication is
not either Plain text or MD5, then it was not a method.
Um.. That can be a killer and cost points due inability to interpret
especially when a candidate rules out the option as acceptable since a CCIE
instructor told them otherwise.
Ouch!
Nothing like being taught to fail... quite successfully.
FYI - If you get a chance can you visit linkedin, join the group, and click
on the Like button to like my link please:
I'm trying to win a free exam voucher.
Darby
http://www.darbyslogs.blogspot.com
On Fri, May 20, 2011 at 8:52 AM, manoj kaushal <kaushalpec_at_gmail.com> wrote:
> I read about it in CCNP ROUTE book
>
> 1. NULL
> 2. Plain text
> 3. MD5
>
> On Fri, May 20, 2011 at 5:58 PM, Darby Weaver <darby.weaver_at_gmail.com>wrote:
>
>> That's what I love about the CCIE Lab...
>>
>> Everyone says there are "only" 2 types of authentication in OSPF....
>>
>> 1. Plain text
>> 2. MD5
>>
>> If you listen to all your most knowledgeable friends on Groupstudy and a
>> couple of three (maybe more CCIE's of some repute)...
>>
>> And then you find yourself in the "gladiator's chamber" one day... and a
>> third is suggested by some hint of a vague clue...
>>
>> Unless you've heard of RFC2328 and then you find... there is a third...
>> and
>> you find yourself astonished in about the same way everyone else was when
>> we
>> found out that Luke Skywalker was not quite "The Last Hope" as mentioned
>> by
>> Yoda... Yep... there are three...
>>
>>
>> OSPF as defined in
>> [RFC2328]
>> includes three different types of
>> authentication schemes: Null authentication, simple password and
>> cryptographic authentication. NULL authentication is akin to having
>> no authentication at all. In the simple password scheme of
>> authentication, the passwords are exchanged in the clear text on the
>> network and anyone with physical access to the network can learn the
>> password and compromise the security of the OSPF domain.
>>
>> In the cryptographic authentication scheme, the OSPF routers on a
>> common network/subnet share a secret key which is used to generate a
>> keyed MD5 digest for each packet and a monotonically increasing
>> sequence number scheme is used to prevent replay attacks.
>>
>>
>>
>>
>> --
>> Darby Weaver
>> Network Engineer
>> http://www.darbyslogs.blogspot.com
>>
>> darbyweaver_at_yahoo.com
> --
> Kaushal
>
>
-- Darby Weaver Network Engineer http://www.darbyslogs.blogspot.com darbyweaver_at_yahoo.com Blogs and organic groups at http://www.ccie.netReceived on Fri May 20 2011 - 09:20:51 ART
This archive was generated by hypermail 2.2.0 : Wed Jun 01 2011 - 09:01:11 ART