Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: CISCO Layer 3 switch

From: "Mayers, Philip J" <p.mayers () ic ac uk>
Date: Mon, 19 Nov 2001 11:48:26 -0000
Compromise the switch itself, or through the switch?

In theory, although they lack flexibility, packet filters can be "absolute"
- as in, "absolutely not traffic to my router's vty lines except from these
IPs" - then you're only vulnerable to IP spoofing (but you're doing RP
filtering, of course...).

Regards,
Phil

+------------------------------------------+
| Phil Mayers                              |
| Network & Infrastructure Group           |
| Information & Communication Technologies |
| Imperial College                         |
+------------------------------------------+ 

-----Original Message-----
From: Ellis Luk [mailto:e_luk () hotmail com]
Sent: 15 November 2001 07:01
To: firewall-wizards () nfr net
Subject: [fw-wiz] CISCO Layer 3 switch


I'm not that familiar with layer 3 switch, and hope someone can point me to 
the right direction.

In term of security, what is the different between a CISCO packet filtering 
router and a CISCO layer 3 switch with extended ACL ??

Would it be easier to compromise a layer 3 switch than a PF router ??

Thanks

_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: