RE: Test is in 2 hours and I'm having difficulties with RIF [7:2069]

2001-04-26 Thread Andy Low
Hi, Any one know how to interpret RIF based on different network topology: SRB, RSRM, DLsw+ ? Is there a better way? Andy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Fred Ingham Sent: Thursday, April 26, 2001 12:19 PM To: [EMAIL PROTECTED] Subject

RE: VLAN's and Routers [7:2534]

2001-04-30 Thread Andy Low
Hi Sammi, You can create 10.200.1.x/24 as VLAN 1 10.200.2.x/24 as VLAN 2 this will isolate the broadcast within the VLAN. You can't create 10.200.1.x/16 as VLAN 1 10.200.2.x/16 or /24 as VLAN 2 because VLAN 2 will become part of VLAN 1, does not serve the purpose of having VLAN configuration

Policy routing [7:2871]

2001-05-02 Thread Andy Low
Hi, I am having problem with my policy routing, hope that anyone can help me. 1) 1.1.1.1 is a low-end router connected to my high-end router ( multihomed, running HSRP). 2) 1.1.1.1 is in VLAN 154 3) 5.5.5.1 is the another neighbour router peering with my high-router router. The problem is whene

Cisco HSRP Denial of Service Vulnerability [7:3534]

2001-05-07 Thread Andy Low
Hi TAC, Anyone know of any solutions to the HSRP exploits? http://www.securityfocus.com/bid/2684 -andy- Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3534&t=3534 -- FAQ, list archives, and subscription info: http://www.gro

RE: Cisco HSRP Denial of Service Vulnerability [7:3534]

2001-05-07 Thread Andy Low
AM To: Andy Low; [EMAIL PROTECTED] Subject: RE: Cisco HSRP Denial of Service Vulnerability [7:3534] Interesting "A problem in the Cisco Hot Standby Routing Protocol (HSRP) makes it possible to deny service to users of network resources. By eavesdropping on HSRP management messages sen

RE: Cisco HSRP Denial of Service Vulnerability [7:3534]

2001-05-07 Thread Andy Low
Message- From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] Sent: Tuesday, May 08, 2001 11:29 AM To: Andy Low; [EMAIL PROTECTED] Subject: RE: Cisco HSRP Denial of Service Vulnerability [7:3534] Interesting "A problem in the Cisco Hot Standby Routing Protocol (HSRP) makes it possible to de

RE: Cisco HSRP Denial of Service Vulnerability [7:3534]

2001-05-08 Thread Andy Low
Yes, seem like that's the current solutions. But this will create high overhead on routers, imagine every 3 secs of Hello packets means every 3 secs of encryption and decrytion and what if there are multiple groups? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On

HSRP Statechage [7:4403]

2001-05-14 Thread Andy Low
Hi, What could cause a HSRP state change if the router is not down? It's very difficult to debug since there is no pre-determine time of when this will happen? There is nothing to do with the recent HSRP DoS for sure :), since I have implemented the necessary steps to overcome it. #sh logging |

single or mutlimode? [7:5224]

2001-05-21 Thread Andy Low
Hi, May I know what is the command to check where the ATM interface card is multi-mode or single-mode? Thanks, Andy Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=5224&t=5224 -- FAQ, list archives, and subscription info: http

Dos Attack [7:7049]

2001-06-04 Thread Andy Low
Hi, If there is a machine within my network generating high load of traffic, how can I detect the machine asap? I have cisco 7507 routers and catalyst 5509 switches. Which command should I use to check? On the catalyst switch which command can I use to find out port the machine is plugged to? T

unknown Traffic [7:7129]

2001-06-04 Thread Andy Low
y when 36M of traffic went into my LAN interface (input), only less than 26M were threw out to the Uplinks (output) Best Regards, Andy Low Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=7129&t=7129 -- FAQ, list archives

RE: Dos Attack [7:7049]

2001-06-05 Thread Andy Low
ow which segment the station is on, look at the local router's arp table to determine the MAC address 3) Look at the switch(s) to find the port the MAC is on and then trace to the physical station and investigate Regards, Kent On 4 Jun 2001, at 8:03, Andy Low wrote: > Hi, > > If th

RE: Dos Attack [7:7049]

2001-06-08 Thread Andy Low
Hi Kent, Do you know about netflow switching, must I enable that? Andy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, June 08, 2001 1:05 AM To: [EMAIL PROTECTED]; Andy Low Subject: RE: Dos Attack [7:7049] In my experience, no. I've turned

connectivity problem [7:8664]

2001-06-14 Thread Andy Low
Hi, Below is my tcpdump message from machine A (123.123.123.123), machine B with 213.213.213.213 unable to telnet into machine A. However machine B is able to telnet to other server. Other machines can telnet into machine A other than machine B, there is no firewall or tcpwrapper enable. >From t

RE: connectivity problem [7:8664]

2001-06-14 Thread Andy Low
Unfortunately, there is no hosts.deny / hosts.allow file. Tcpwarpper is not enable on that machine. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, June 15, 2001 12:41 PM To: Andy Low Cc: [EMAIL PROTECTED] Subject: Re: connectivity problem [7:8664

Catalyst 5509 [7:13848]

2001-07-26 Thread Andy Low
Hi, Anyone knows how to enable ACL or some form of telnet control to the switch. Is there any instructions on how to control the SNMP query as well. Thanks, Andy Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=13848&t=13848 --