nanog mailing list archives
Re: New Denial of Service Attack on Panix
From: George Herbert <gherbert () crl com>
Date: Tue, 17 Sep 1996 11:45:53 -0700
I have to stand somewhat corrected.
create a filter "internet.out" Contents: three lines for each net block you have: permit 1.2.3.4/20 tcp permit 1.2.3.4/20 udp permit 1.2.3.4/20 icmp
The more appropriate format would be: permit 1.2.3.4/20 0.0.0.0/0 tcp permit 1.2.3.4/20 0.0.0.0/0 udp permit 1.2.3.4/20 0.0.0.0/0 icmp You are *supposed* to use a src/dest netblock pair, though I have set up and used w/o a dest address and it worked.
final line to log (optional) MUST COME AFTER permit list for netblocks: deny log
If you choose not to log, then you need a line: deny Otherwise that which falls through isn't denied, obviously. Doing router filters while fatigued is often a problematic process. Try and work on them when you aren't so tired, unlike me when I sent my first mail 8-) -george william herbert gherbert () crl com - - - - - - - - - - - - - - - - -
Current thread:
- Re: New Denial of Service Attack on Panix, (continued)
- Re: New Denial of Service Attack on Panix Avi Freedman (Sep 16)
- Re: New Denial of Service Attack on Panix Perry E. Metzger (Sep 16)
- Re: New Denial of Service Attack on Panix Avi Freedman (Sep 16)
- Re: New Denial of Service Attack on Panix David J. Schmidt (Sep 16)
- Re: New Denial of Service Attack on Panix Perry E. Metzger (Sep 16)
- Re: New Denial of Service Attack on Panix Craig A. Huegen (Sep 16)
- Re: New Denial of Service Attack on Panix Michael Dillon (Sep 16)
- Re: New Denial of Service Attack on Panix Jon Green (Sep 16)
- Re: New Denial of Service Attack on Panix George Herbert (Sep 16)
- Re: New Denial of Service Attack on Panix Dick St.Peters (Sep 17)
- Re: New Denial of Service Attack on Panix George Herbert (Sep 17)
- Re: New Denial of Service Attack on Panix Dick St.Peters (Sep 17)
- Re: New Denial of Service Attack on Panix Perry E. Metzger (Sep 16)
- Re: New Denial of Service Attack on Panix Bill Sommerfeld (Sep 16)
- RE: New Denial of Service Attack on Panix Jim Browning (Sep 16)
- Re: New Denial of Service Attack on Panix Paul A Vixie (Sep 16)
- RE: New Denial of Service Attack on Panix David Miller (Sep 17)
- Message not available
- Re: New Denial of Service Attack on Panix Sharif Torpis (Sep 17)
- Re: New Denial of Service Attack on Panix Alan Hannan (Sep 16)
- Re: New Denial of Service Attack on Panix Michael Dillon (Sep 16)
- Re: New Denial of Service Attack on Panix Perry E. Metzger (Sep 17)