[c-nsp] TFTP/SCP
Jared Mauch
jared at puck.nether.net
Thu Nov 19 10:00:59 EST 2015
Yup. You can filter by IP address and check image checksum after if it's something without a crypto signature.
Jared Mauch
> On Nov 19, 2015, at 8:54 AM, Daniel Brisson <dbrisson at uvm.edu> wrote:
>
> What about protecting credentials? Do you use a service account that has 0 access other than FTP'ing images?
>
> -dan
>
>
> -----Original Message-----
> From: cisco-nsp [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Jared Mauch
> Sent: Thursday, November 19, 2015 8:54 AM
> To: Mark Tinka <mark.tinka at seacom.mu>
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] TFTP/SCP
>
> We use FTP as the image isn't something that needs to be protected from eavesdroppers.
>
> Jared Mauch
>
>> On Nov 19, 2015, at 6:46 AM, Mark Tinka <mark.tinka at seacom.mu> wrote:
>>
>>
>>
>>> On 19/Nov/15 12:25, Harry Hambi - Atos wrote:
>>>
>>> Hi All,
>>> Uploading IOS 15.2.SE7 to a number of 3750 switches using tftp. This proved very slow, so I decided to use SCP which was a lot quicker. However, SCP caused a cpu spike on the switch which caused snmp drops. Has anyone ever experience this?, the switch was passing data traffic normally.
>>
>> Might make sense.
>>
>> SCP is exception traffic, as is SNMP traffic to the switch.
>>
>> Mark.
>>
>> _______________________________________________
>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list