Port host is a macro that turns off port channelling, turns
on portfast. Nothing in port host
that I know of shuts off VTP or HSRP frames from running
around the layer 2 broadcast domain....you might be able to
do something with a VACL, i am not sure..we deny access in
our 6509's to rogue dhcp servers with a VACL...
Larry Letterman
Network Engineer
Cisco Systems
----- Original Message -----
From: "Daniel Cotts"
To:
Sent: Friday, January 24, 2003 2:49 PM
Subject: RE: How to Block STP, VTP, etc. on Access Ports?
[7:61796]
> It appears that the "Security Consultants" then didn't
earn their fee. Must
> be a company run by Dogbert.
> Consulting truism: "The higher up the chain of command you
sell your
> services - the less you have to know and the higher you
can charge."
>
> > -----Original Message-----
> > From: s vermill [mailto:nobody@xxxxxxxxxxxxxx]
>
> > Thanks Priscilla. I found it interesting that the
security
> > consultants made
> > note of these "findings" and made a strong
recommendation
> > that we fix them.
> > No suggestions on how to do so were offered. I imagine
there
> > is a L2 ACL
> > solution or something along those lines. I was hoping
for
> > something clean,
> > but I guess it's time to earn our paycheck.
> >
> > Regards,
> >
> > Scott
abuse@xxxxxxxxxxxxxx
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61841&t=61796
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to abuse@xxxxxxxxxxxxxx
