nanog mailing list archives
BCP for ISP to block worms at PEs and NAS
From: Kim Onnel <karim.adel () gmail com>
Date: Sun, 17 Apr 2005 13:28:21 +0200
Hello, Can someone confirm if my approach explained below is sufficient and if there is other/better ways to do this ? something i am missing. On my Cisco-based SP network with RPMs in MGX chassis acting as PEs: I have the ACL below applied on many network devices to block the common worms ports, On the NAS, i have placed the worm on the Group-Async interfaces so the worms will not propagate between user who dial up on the same NAS, and on the uplink ethernet interface.(in and out) On the PEs, i have placed it on the interface switches for the customers and on the uplink too, and then on the aggregating routers and on the gateway for all these. ip access-list extended worms deny tcp any any eq 5554 deny tcp any any range 135 139 deny udp any any range 135 netbios-ss deny tcp any any eq 445 deny udp any any eq 1026 permit ip any any Regards
Current thread:
- BCP for ISP to block worms at PEs and NAS Kim Onnel (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Suresh Ramasubramanian (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Randy Bush (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Christopher L. Morrow (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Randy Bush (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Christopher L. Morrow (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Sean Donelan (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Christopher L. Morrow (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS J.D. Falk (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Kim Onnel (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Christopher L. Morrow (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Randy Bush (Apr 17)