01-30-2007 08:27 AM - edited 03-09-2019 05:18 PM
Hello,
Question regarding the work around for the recent Cisco Security Advisory (cisco-sa-20070124). The link to this advisory is here:http://www.cisco.com/en/US/customer/products/products_security_advisory09186a00807cb0e4.shtml#vuln
The work around says to create an access-list for example:
access-list 150 permit tcp TRUSTED_HOSTS MASK INFRASTRUCTURE_ADDRESSES MASK
So trusted_hosts, is that the hosts on my network?
Infrastructure_addresses, is this my routers
I'm not sure what they are saying here. If anyone could shed some light, that would be great
Thanks
Mike
01-31-2007 10:42 AM
Pretty close. Trusted hosts SHOULD be hosts that are A.,trusted and B., require access to those devices. So as an example "TRUSTES_HOSTS" could be management stations, admin desktops, or whatever is required to have access and you is "trusted". Ideally infrastructure address space should only be reachable from trusted users that need access and no one else. Infrastructure space would likely include addresses for routers, firewalls, switches , authentication servers, monitoring servers, basically anything that makes the network run and keeps it alive. Hope this helps.
01-31-2007 12:03 PM
Great... Thanks for the help
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide