but what made the customer to feel insecure with STP . ?? have you explained him to disable DTP to avoid vlan hopping attack
On Thu, Jan 12, 2012 at 10:59 AM, CCIE KID <[email protected]> wrote: > Hi Steve, > > Ha I will work on a RFC for Authentication in STP. Can someone tell me a > idea for it :) if possible ....hehe :) > > > On Fri, Jan 13, 2012 at 12:20 AM, Di Bias, Steve <[email protected] > >wrote: > > > The only thing you can do is protect your borders with BPDU and ROOT > > guard. Pretty neat I idea though, why doesn't STP have some sort of > > authentication piece to it? Maybe you should create a new RFC :) > > > > Thank you, > > > > Steve E. Di Bias CCIE #32840 > > Network Engineer - Information Systems > > Valley Health System - Las Vegas > > Office - 702- 369-7594 > > Cell - 702-241-1801 > > [email protected] > > > > -----Original Message----- > > From: [email protected] [mailto: > > [email protected]] On Behalf Of CCIE KID > > Sent: Thursday, January 12, 2012 10:22 AM > > To: Cisco certification; CCIE OSL > > Subject: [OSL | CCIE_RS] OT: Authentication in STP > > > > Hi fellas, > > > > My customer is asking for any authentication in STP. Can someone tell me > > that if there is any Authentication mechanism in STP to validate to > correct > > birdges with some hash value and try to avoid rogue bridges with this. I > > searched in RFC's and i guess there is no Authentication mechanism in > STP . > > So is there any other IEEE standard for STP Authentication. > > I found Cisco Proprietary Root Guards which basically tells avoid any > > superior BPDUs and avoid that port as Root port. > > > > I know Root Guard doesnt do any authentication . But is there any other > > mechnaism where can do authenticating the bridges in STP logic > > > > I believe Radia Perlman is still kicking for this :) > > > > > > -- > > With Warmest Regards, > > > > CCIE KID > > CCIE#29992 (Security) > > _______________________________________________ > > For more information regarding industry leading CCIE Lab training, please > > visit www.ipexpert.com > > > > Are you a CCNP or CCIE and looking for a job? Check out > > www.PlatinumPlacement.com <http://www.platinumplacement.com/> > > > > http://onlinestudylist.com/mailman/listinfo/ccie_rs > > > > > > UHS Confidentiality Notice: This e-mail message, including any > > attachments, is for the sole use of the intended recipient (s) and may > > contain confidential and privileged information. Any unauthorized > review, > > use, disclosure or distribution of this information is prohibited. If > this > > was sent to you in error, please notify the sender by reply e-mail and > > destroy all copies of the original message. > > > > > -- > With Warmest Regards, > > CCIE KID > CCIE#29992 (Security) > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com <http://www.platinumplacement.com/> > > http://onlinestudylist.com/mailman/listinfo/ccie_rs > _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://onlinestudylist.com/mailman/listinfo/ccie_rs
