nanog mailing list archives
Re: ACLs / Filter Lists - Best Practices
From: Nicolas FISCHBACH <nicolist () securite org>
Date: Wed, 28 Nov 2001 19:26:18 +0100
John McBrayne wrote:
Is anyone aware of any current "best practices" related to the recommended set of filtering rules (Cisco ACL lists or Juniper filter sets) for reasons of Security, statistics collection, DoS attack analysis/prevention, etc.? I'm curious to see if there are any such recommendations for Tier 1/Tier 2 backbone routers, peering points, etc., as opposed to CPE terminations or Enterprise/LAN equipment recommendations. Actual config file examples would be great, if they exist.
Protecting your IP network infrastructure (talk @BlackHat Briefings) (how to secure Cisco routers and (multi-layer) switches running IOS, CatOS, CatIOS and the networks they interconnect) : http://www.securite.org/presentations/secip/ Any feedback, comments, fixes, ideas are welcome :-) Nico. -- Nicolas FISCHBACH (nico () securite org) <http://www.securite.org/nico/> Senior IP&Security Engineer - Professional Services - COLT Telecom AG Securite.Org Team <http://www.securite.org/>
Current thread:
- ACLs / Filter Lists - Best Practices John McBrayne (Nov 27)
- Re: ACLs / Filter Lists - Best Practices Scott Francis (Nov 27)
- Re: ACLs / Filter Lists - Best Practices E.B. Dreger (Nov 27)
- Re: ACLs / Filter Lists - Best Practices Christopher L. Morrow (Nov 27)
- RE: ACLs / Filter Lists - Best Practices Barry Raveendran Greene (Nov 28)
- Re: ACLs / Filter Lists - Best Practices Geoff Zinderdine (Nov 28)
- Re: ACLs / Filter Lists - Best Practices Nicolas FISCHBACH (Nov 28)
- RE: ACLs / Filter Lists - Best Practices Tim Irwin (Nov 29)
- Re: ACLs / Filter Lists - Best Practices Andreas Plesner Jacobsen (Nov 29)
- Re: ACLs / Filter Lists - Best Practices Adrian Chadd (Nov 29)
- Re: ACLs / Filter Lists - Best Practices Rob Thomas (Nov 30)
- Re: ACLs / Filter Lists - Best Practices Andreas Plesner Jacobsen (Nov 29)
- RE: ACLs / Filter Lists - Best Practices Rob Thomas (Nov 30)
- <Possible follow-ups>
- RE: ACLs / Filter Lists - Best Practices Irwin Lazar (Nov 28)