CCNA, CCENT, CCNP Tutorial on Routers and Routing by M. Aslam

Home » Categories » Computers & Networking » Technical Certification » CCNA, CCENT, CCNP Tutorial on Routers and Routing » Printer Friendly

CCNA, CCENT, CCNP Tutorial on Routers and Routing
No Reader Ratings Available ?	Rate It / View Comments / View All Articles submitted by M. Aslam
Submitted Friday, November 21, 2008
M. Aslam ⁽³¹⁵⁾ Log in to become a member of M. Aslam's Fan Club!

Routers are the critical part of all the networks and can be both security aid and security vulnerability. A router basically has more network interfaces through which network traffic is forwarded. Or it might be blocked. The router decides when to forward packets between the networks based on internal routing table.

The routing table can also be static. That means where each route is explicitly defined or dynamic where the router learns new routes by the use the routing protocols.

A router also supports access control lists that specify which packets to allow or blocked. Every packet going through a router will be checked against the ACL to see if the packet is allowed to be forwarded. Lots of current routers offer security capabilities along with their routing functionality. Segmenting the network using routers limits the amount of the data flowing through segments. It also applies to broadcast traffic.

Routers also allow technicians to explicitly deny a few packets the ability to be forwarded between segments. Using just the internal security features of some,

routers can prevent users through internal network from using the Telnet to access external systems. Telnet are always a security risk as the passwords and all communications are transmitted in cleartext. Because of this, it's best not to create Telnet sessions between the internal network and an external network. Without a firewall, the rule can be put in place within the router to drop packets attempting to connect to port 23 on any external systems. After all of this is done by properly con- figuring the ACLs for the router. Spoofed packets are packets that contain the IP address in the header that are not the actual IP address of the

originating the computer. Routers combat this by giving the technicians the ability to drop packets which are coming through the interface from the wrong subnet. . If the packet comes in from the router's external interface by using an IP address from the network on the router's internal interface, the router can be instructed to drop the packet and not forward it. There are two types of access lists available to filter traffic on Cisco routers. One of them is a standard access list. It allows technicians to filter traffic from specific addresses or subnet ranges. Cisco also provides extended access lists, which allow technicians to filter based on a variety of criteria. This access list allows technicians to use source addresses, destination addresses, and specific network services as the basis of filtering rules.

Learn about CCNA Exam and download vista service pack 1 .

tweet this!

►Reprint Rights◄

Was this article helpful to you? Leave a Public Comment or Question:


	This Article has been viewed 142 times. Article added to SearchWarp.com on 11/21/2008 4:47:29 AM. View other articles written by M. Aslam ⁽³¹⁵⁾

If you found this article interesting, you may want to check out:

What is the story behind searchwarp?
CompTIA A+, Security+, Network+ Tutorial Ethernet Card Troubleshooting
Windows Vista Sidebar, Gadgets, Easy Wireless Networking and Improved Back Features
Why should you get Microsoft and Cisco Certification?
Free CCNA Wirless Tutorial
Cisco CCNA and CCNP Practice Exam Questions: Etherchannels, Network Security, and More!
Microsoft Excel It's More Than Just Spreadsheets
CCNA Voice Tutorial: DHCP And The IP Phone Boot Process

Disclaimer: All information on this site is provided for informational purposes only! By no means is any information presented herein intended to substitute for the advice provided to you by any health care or other professional or organization.