Munit Singla wrote: > > Hi Brian, > what abt the port numbers in case of rip.
You're already taking care of the port number with the keyword "rip." > should that be taken care. > Munit > > > Brian wrote: > > > I would limit source addresses and use authentication for > routing uodate > > exchanges. Absolutely! You're letting just anyone send you RIP, EIGRP, and OSPF data. That's risky. Also, you better permit some other traffic too! Why bother allowing routing updates if you aren't going to let any other traffic in. ;-)Don't forget the implicit deny all at the end of the list. Priscilla > > > > Bri > > > > On Wed, 18 Dec 2002, Munit Singla wrote: > > > > > Hi All, > > > Is their any type of vulnerability in this access kist > > > access-list permit udp any any eq rip > > > access-list permit ospf any any > > > access-list permit eigrp any any > > > This access list is applied to the wan iterface in the > inbound > > > direction. > > > Or should it be according to the multicast addreses the > specific routing > > > > > > protocol uses except Ripv1. > > > another thing for ripv 1& 2 we can specify source port > instead of any > > > .can anybody suggest me that with the above access list > what could be > > > Implications. > > > Thanx in Advance > > > Regards, > > > Munit > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59496&t=59443 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
