GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
Re: How to Block STP, VTP, etc. on Access Ports? [7:61796] posted 01/25/2003
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


Port host is a macro that turns off port channelling, turns
on portfast. Nothing in port host
that I know of shuts off VTP or HSRP frames from running
around the layer 2 broadcast domain....you might be able to
do something with a VACL, i am not sure..we deny access in
our 6509's to rogue dhcp servers with a VACL...

Larry Letterman
Network Engineer
Cisco Systems


----- Original Message -----
From: "Daniel Cotts" 
To: 
Sent: Friday, January 24, 2003 2:49 PM
Subject: RE: How to Block STP, VTP, etc. on Access Ports?
[7:61796]


> It appears that the "Security Consultants" then didn't
earn their fee. Must
> be a company run by Dogbert.
> Consulting truism: "The higher up the chain of command you
sell your
> services - the less you have to know and the higher you
can charge."
>
> > -----Original Message-----
> > From: s vermill [mailto:nobody@xxxxxxxxxxxxxx]
>
> > Thanks Priscilla.  I found it interesting that the
security
> > consultants made
> > note of these "findings" and made a strong
recommendation
> > that we fix them.
> > No suggestions on how to do so were offered.  I imagine
there
> > is a L2 ACL
> > solution or something along those lines.  I was hoping
for
> > something clean,
> > but I guess it's time to earn our paycheck.
> >
> > Regards,
> >
> > Scott
abuse@xxxxxxxxxxxxxx




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61841&t=61796
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to abuse@xxxxxxxxxxxxxx