AAA uRPF Flashcards
Q
A
What are the operating ports of RADIUS?
UDP port 1812/1645 (Authentication), 1813/1646 (Accounting)
Encrypt the entire payload of each packet (leaving only the RADIUS header in cleartext)
False, it is TACACS
In RADIUS, authentication and authorization are combined in one function (packet); command logging is not supported
True
TACACS runs on TCP port ___
49
In TACACS, authentication, authorization, and accounting are separated
True
Describe the sequence of configuring AAA elements
1. Configure the servers; 2. Enable AAA (aaa new-model); 3. Configure the lists for authentication, authorization, and accounting; 4. Configure the lines to use the lists
uRPF: The ______
Allows the lookup to match with the default route. With strict mode, the packet only passes if it is received on the interface where the default route points. Allow default
Global configuration followed by a cold reload is required to enable or disable uRPF on the router
True
The allow self-ping option is default for loose and strict modes and cannot be disabled
True
Command to configure uRPF
ip verify unicast source reachable-via {rx | any}
The command below configures _____ mode
ip verify unicast source reachable-via any, loose (strict would be rx)
RTBH: A router called the ______ router notifies the ______ about the attack so that the traffic is dropped
signaling, edges
How does RTBH source-based work?
Uses BGP signaling + uRPF to drop packets originating from attackers. This way, the attacked IP remains available for legitimate sources. Operation: the attacker IP(s) must be identified; uRPF must be active on interfaces where the attack might be coming from (upstream-facing or customer-facing interfaces); when the traffic is received on the router, it undergoes a lookup, and in the RIB the next-hop interface for the IP or block will be null0, so uRPF drops the traffic.