Imran,
I you are told to allow web traffic: there is a hidden implication that
they mean http/https which are both web based traffic. FTP would need
both port's for control and data to work as you cannot make assumptions as
to whether the ftp traffic is passive or active. DNS on the other hand is
a little more blurry, as you only need port udp/53 for DOMAIN services to
work, as typical tcp/53 is used for zone-transfers and the like. But all
in all, I'd like to hear from other folks as well :)
Joe Sanchez
On 9/2/12 1:30 PM, "Imran Ali" <immrccie_at_gmail.com> wrote:
>Hi all,
>
>i have seen in vendors labs when they do classification of traffic they go
>one step ahead
>
>for example : for web ....http and https
> for dns udp domain and tcp domain
> for ftp ftp-data and ftp
>
>just want to check if this is good idea ..offcourse in lab proctor is
>their
>to clarify.
>
>
>Blogs and organic groups at http://www.ccie.net
>
>_______________________________________________________________________
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Tue Sep 04 2012 - 14:02:09 ART
This archive was generated by hypermail 2.2.0 : Mon Oct 01 2012 - 06:40:29 ART