Date: Thu, 09 Jan 2003 19:07:13 -0700 From: Ralph Forsythe <rf-list@centerone.com> To: Andrew Karjagin <Andrew.Karjagin@newmail.ru>, freebsd-isp@FreeBSD.ORG Subject: Re: access-list from scan Message-ID: <5.1.0.14.2.20030109190409.0126adb0@mail.centerone.com> In-Reply-To: <20030109093941.13735.qmail@flock1.newmail.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Check the Cisco support site. ACL's can be used to stop scans, but it's a manual thing - you need to know where they are coming from, then modify your ACL to block them. A router does not do Intrusion Detection. The ACL's in them are rudimentary. FYI I do not know what kind of connection you're running into the 7200, or what feeds into the Cisco's behind them, but no scan should stop a router - by that I mean the router should be fully capable of handling the speed of the traffic allowed by it's interfaces. If your routers are being DoS'd, make sure you are running current levels of IOS on all of them. It's not uncommon for Cisco to put security fixes in code revisions. -rf At 12:39 PM 1/9/2003 +0300, Andrew Karjagin wrote: >Hello! >I have a four class C networks behind a Cisco 7206. That networks >processed by some smaller cisco routers and FreeBSD servers. Sometimes I >have a problem with scanning my networks from other hosts. Some smaller >cisco routers stop work. Freebsd servers stop the scanning by portsentry >program and it work Ok! >Question: Where can I find resources/sites with docs about configuring >access-list on Cisco, that can help me to stop the scanning of my networks >on main Cisco 7206? Is that possible to stop scan and other attacks on >Cisco by using access-list or I have to use another features/progs? >Thank you very much for help! > >__________ >www.newmail.ru -- Новая Почта: все по новому. > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.2.20030109190409.0126adb0>