why do i hate this kind of garbage so much... here's why... you add this kind of dogshit to your network and you end up troubleshooting the dogshit...
so eigrp authentication using md5 just might prevent a DoS attack... might is the operative word here...
go into global key chain configuration mode... it hurt typing that...
dls1(config)#key chain bullshit
dls1(config-keychain)#key 69
dls1(config-keychain-key)#key-string bullshit
dls1(config-keychain-key)#
dls1(config-keychain)#key 69
dls1(config-keychain-key)#key-string bullshit
dls1(config-keychain-key)#
create the key chain
create the key number
create the key string
in interface configuration mode...
dls1(config)#int f0/24
dls1(config-if)#ip authentication mode eigrp 1 md5
dls1(config-if)#ip authentication key-chain eigrp 1 bullshit
dls1(config-if)#
dls1(config-if)#ip authentication mode eigrp 1 md5
dls1(config-if)#ip authentication key-chain eigrp 1 bullshit
dls1(config-if)#
you can also use time based logic for it... i'll let you go farther on that, i'm about to throw up in my mouth a little right now...
verify...
dls1#sh key chain
Key-chain bullshit:
key 69 -- text "bullshit"
accept lifetime (always valid) - (always valid) [valid now]
send lifetime (always valid) - (always valid) [valid now]
dls1#
yuck...
No comments:
Post a Comment