Re: [fw-wiz] Cisco acls
From: Steve Saeedi (saeedi_at_ebrary.com)
To: "Eric Appelboom" <firstname.lastname@example.org> Date: Tue, 1 Mar 2005 12:01:01 -0800
If you have a tftp server handy you can tftp the modified ACLs section
of your router in a file with the first line reading, "no access-list
177". It's a lot faster than paste. I haven't tried scp.
The other alternative is you're dual-homed, shutdown the externally
facing interface, then apply the updated acls.
To answer your question, yes, manually pasting will leave your router
vulnerable for that short period of time.
On Mar 1, 2005, at 7:53 AM, Eric Appelboom wrote:
> I would appreciate some comments with regard to the extensive use of
> cisco routers acls
> To protect numerous networks.
> My concern is that when someone amends an access-list one generally
> enters, no access-list 177 and
> Then pastes in the new access list. Does this mean that for a period of
> time there is no protection on the
> Network that the acls applies?
> Best Regards
> MWEB: S.A.'s trusted Internet Service Provider. Just Like that.
> To join, click here or call 08600 32000.
> firewall-wizards mailing list
firewall-wizards mailing list