Skip to main content

Router Security

More
17 years 4 months ago #18659 by Benny
Router Security was created by Benny
Hey Everyone,

I was just reading through the ACL configuration document. In that i came to know that router can also allow/block packets based on application layer protocols( such as ftp,snmp etc).

All i heard from most of the people is that router supports only Layer3 security but if it can block/allow packets based on protocols
then it also secure the packets till Layer 7.

Comments on this topic is much appreciated.

Kindly bear with me if my thought on this is incorrect.

Thanks
More
17 years 4 months ago #18664 by Smurf
Replied by Smurf on topic Re: Router Security
Hi there Benny,

Its sort of not quite correct. We are talking about extended access lists to block access using ports. This is talking about Layer 4 of the OSI Model not upto layer 7.

I beleive that Cisco can now do stuff with the application layer and i know that the Pix Firewall can do scanning of the payload of things like http, ftp, smtp, etc... but this is different to normal TCP/UDP port numbers.

Cheers

Wayne
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
More
17 years 4 months ago #18679 by buulam
Replied by buulam on topic Re: Router Security
To add to that, it'd be an administrative nightmare to maintain many ACL's :shock:
More
17 years 4 months ago #18740 by Benny
Replied by Benny on topic Re: Router Security
Thanks
Time to create page: 0.146 seconds