Security Basics mailing list archives
RE: CISCO ACLs.. Are there lists already out there to protect me from trojans and known bad sites?
From: "Christopher Carpenter" <ccarpenter () dswa net>
Date: Wed, 9 Nov 2005 12:29:17 -0700
Look at it the other way. You want to DENY ALL, then ALLOW SOME. Block all ports and IPs, and then grant access to the ones you need. If you ALLOW ALL, DENY SOME you will end up fighting a losing battle creating ACL after ACL. Make sense? C -----Original Message----- From: Pigeon [mailto:fredit () charter net] Sent: Tuesday, November 08, 2005 10:27 PM To: security-basics () securityfocus com Subject: CISCO ACLs.. Are there lists already out there to protect me from trojans and known bad sites? I just got my first cisco router in (well for home use :) ).. and I want to lock my network down.. Are there any default ACL lists that will block: A) known bad IPs B) trojan ports C) protection against spoofing (aka denying private IP source port incoming in the WAN port) I know I will have to modify whatever I have.. but a general list would be great! thanks!
Current thread:
- CISCO ACLs.. Are there lists already out there to protect me from trojans and known bad sites? Pigeon (Nov 09)
- RE: CISCO ACLs.. Are there lists already out there to protect me from trojans and known bad sites? Jacob (Nov 10)
- RE: CISCO ACLs.. Are there lists already out there to protect me from trojans and known bad sites? dave kleiman (Nov 10)
- Re: CISCO ACLs.. Are there lists already out there to protect me from trojans and known bad sites? Austin Murkland (Nov 10)
- <Possible follow-ups>
- RE: CISCO ACLs.. Are there lists already out there to protect me from trojans and known bad sites? Christopher Carpenter (Nov 10)