Date: Thu, 09 Jan 2003 19:07:13 -0700 From: Ralph Forsythe <rf-list@centerone.com> To: Andrew Karjagin <Andrew.Karjagin@newmail.ru>, freebsd-isp@FreeBSD.ORG Subject: Re: access-list from scan Message-ID: <5.1.0.14.2.20030109190409.0126adb0@mail.centerone.com> In-Reply-To: <20030109093941.13735.qmail@flock1.newmail.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Check the Cisco support site. ACL's can be used to stop scans, but it's a manual thing - you need to know= =20 where they are coming from, then modify your ACL to block them. A router=20 does not do Intrusion Detection. The ACL's in them are rudimentary. FYI I do not know what kind of connection you're running into the 7200, or= =20 what feeds into the Cisco's behind them, but no scan should stop a router -= =20 by that I mean the router should be fully capable of handling the speed of= =20 the traffic allowed by it's interfaces. If your routers are being DoS'd,=20 make sure you are running current levels of IOS on all of them. It's not=20 uncommon for Cisco to put security fixes in code revisions. -rf At 12:39 PM 1/9/2003 +0300, Andrew Karjagin wrote: >Hello! >I have a four class C networks behind a Cisco 7206. That networks=20 >processed by some smaller cisco routers and FreeBSD servers. Sometimes I=20 >have a problem with scanning my networks from other hosts. Some smaller=20 >cisco routers stop work. Freebsd servers stop the scanning by portsentry=20 >program and it work Ok! >Question: Where can I find resources/sites with docs about configuring=20 >access-list on Cisco, that can help me to stop the scanning of my networks= =20 >on main Cisco 7206? Is that possible to stop scan and other attacks on=20 >Cisco by using access-list or I have to use another features/progs? >Thank you very much for help! > >__________ >www.newmail.ru -- =EE=CF=D7=C1=D1 =F0=CF=DE=D4=C1: =D7=D3=C5 =D0=CF =CE=CF= =D7=CF=CD=D5. > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.2.20030109190409.0126adb0>