Re: Fragmented/initially fragmented packets

From: nhatphuc (nhatphuc@gmail.com)
Date: Thu Jan 10 2008 - 04:57:54 ARST

• Next message: subodh.rawat@wipro.com: "RE: CCIE #19769"
• Previous message: nhatphuc: "Re: IE Mock Labs - which ones to do?"
• Maybe in reply to: N P: "Fragmented/initially fragmented packets"
• Next in thread: Bajo: "Re: Fragmented/initially fragmented packets"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

http://www.cisco.com/warp/public/105/acl_wp.html

On Jan 10, 2008 12:37 AM, N P <np643237@gmail.com> wrote:

> Hi Group,
>
>
>
> I know that to prevent Dos attacks involving fragmented packets can be
> stopped by the following ACL.
>
>
>
> Ip access-list ext DENY_DOS
>
> Deny ip any any fragmented
>
> Permit ip any any
>
>
>
> I also understand this will only permit non fragmented packets and
> initially
> fragmented packets. Now my question is, how do we differentiate fragmented
> and initially fragmented packets? I am confused.
>
>
>
>
>
> Regards,
>
>
>
> N P
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: subodh.rawat@wipro.com: "RE: CCIE #19769"
• Previous message: nhatphuc: "Re: IE Mock Labs - which ones to do?"
• Maybe in reply to: N P: "Fragmented/initially fragmented packets"
• Next in thread: Bajo: "Re: Fragmented/initially fragmented packets"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Feb 01 2008 - 10:37:58 ARST