Firewall Wizards mailing list archives

Re: Cisco acls


From: Steve Saeedi <saeedi () ebrary com>
Date: Tue, 1 Mar 2005 12:01:01 -0800

If you have a tftp server handy you can tftp the modified ACLs section of your router in a file with the first line reading, "no access-list 177". It's a lot faster than paste. I haven't tried scp.

The other alternative is, if you're dual-homed, to shut down the externally facing interface, then apply the updated ACLs.

To answer your question, yes, manually pasting will leave your router vulnerable for that short period of time.

- Steve

On Mar 1, 2005, at 7:53 AM, Eric Appelboom wrote:


Hi,

I would appreciate some comments with regard to the extensive use of Cisco router ACLs to protect numerous networks.

My concern is that when someone amends an access list, one generally enters "no access-list 177" and then pastes in the new access list. Does this mean that for a period of time there is no protection on the network that the ACL applies to?

Best Regards
Eric
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
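
A pre-flight check for the replacement file described in the reply above, as an added example that is not part of the original thread: it confirms the fragment starts with "no access-list <number>" and that every following entry belongs to that same list, so the delete and the reload travel in one transfer. The function name and the sample ACL entries are constructed for illustration.

```python
import re

DELETE = re.compile(r"^no\s+access-list\s+(\d+)\s*$", re.I)
ENTRY = re.compile(r"^access-list\s+(\d+)\s+(permit|deny|remark)\b", re.I)

# Constructed sample fragments (192.0.2.0/24 is a documentation range).
GOOD = """\
no access-list 177
access-list 177 remark web servers
access-list 177 permit tcp any host 192.0.2.10 eq 80
access-list 177 deny ip any any log
"""
BAD = """\
no access-list 177
access-list 117 permit tcp any host 192.0.2.10 eq 80
access-list 177 remark web servers
"""

def check_replacement(text):
    """Return a list of problems found in an ACL replacement fragment."""
    # Keep original line numbers; skip blank lines and "!" comment lines.
    lines = [(n, l.strip()) for n, l in enumerate(text.splitlines(), 1)]
    lines = [(n, l) for n, l in lines if l and not l.startswith("!")]
    if not lines:
        return ["file is empty"]
    first = DELETE.match(lines[0][1])
    if not first:
        return ['first line must be "no access-list <number>"']
    acl = first.group(1)
    problems, rules = [], 0
    for n, line in lines[1:]:
        if DELETE.match(line):
            # A later delete would wipe the entries loaded before it.
            problems.append(f"line {n}: unexpected delete after the first line")
            continue
        m = ENTRY.match(line)
        if not m:
            problems.append(f"line {n}: not an access-list entry: {line!r}")
        elif m.group(1) != acl:
            # A mistyped number edits a different list and leaves this one short.
            problems.append(f"line {n}: entry is for list {m.group(1)}, not {acl}")
        elif m.group(2).lower() != "remark":
            rules += 1
    if rules == 0:
        problems.append(f"no permit/deny entries follow the delete of list {acl}")
    return problems
```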

