Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Cisco Workaround

From: Ghaith Nasrawi <libero () aucegypt edu>
Date: Fri, 25 Jul 2003 18:33:23 +0300
Well, my question is; what the hell if I was using any of these
protocols?? Didn't cisco think of that?? They should have suggested a
more decent solution.


./Ghaith
===============

Today is the tomorrow you worried about yesterday





-----Original Message-----
From: jamesworld () intelligencia com [mailto:jamesworld () intelligencia com]

Sent: Wednesday, July 23, 2003 6:48 PM
To: Alvaro Gordon-Escobar
Cc: firewalls () securityfocus com; security-basics () securityfocus com
Subject: Re: Cisco Workaround

Alvaro,

No.  The protocol blocked by the access-list is protocol 53 not protocol

TCP or protocol UDP port 53.

If you need further info, let me know,

-James



At 09:15 7/23/2003, Alvaro Gordon-Escobar wrote:

will this access list modification prevent my internal DNS server from 
updates to it self from my telco's DNS server?

access-list 101 deny 53 any any
access-list 101 deny 55 any any
access-list 101 deny 77 any any
access-list 101 deny 103 any any
!--- insert any other previously applied ACL entries here
!--- you must permit other protocols through to allow normal
!--- traffic -- previously defined permit lists will work
!--- or you may use the permit ip any any shown here
access-list 101 permit ip any any

Thanks in advance

~alvaro Escobar

-----------------------------------------------------------------------

----

-----------------------------------------------------------------------

-----


------------------------------------------------------------------------
---
------------------------------------------------------------------------
----


---------------------------------------------------------------------------
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: