nanog mailing list archives

Re: Auto ACL blocker


From: Larry Smith <lesmith () ecsis net>
Date: Tue, 18 Jan 2011 13:31:30 -0600

On Tue January 18 2011 13:12, Brian R. Watters wrote:
> We are looking for the following solution.
>
> Honey pot that collects attacks against SSH/FTP and so on
>
> Said attacks are then sent to a master ACL on an edge Cisco router to block
> all traffic from these offenders ..
>
> Of course we would require a master whitelist as well as to not be blocked
> from our own networks.
>
> Any current solutions or ideas ??

Private BGP session with Zebra or Quagga on a Linux box
adding the selected IP to a null route.

-- 
Larry Smith
lesmith () ecsis net
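
The whitelist check and null-route step discussed in this thread, as an added example that is not part of either message: it filters honeypot source addresses against a whitelist and emits zebra-style static null routes. The sample addresses, the function names and the `ip route <prefix> null0` form are assumptions of the example, as is a bgpd configured separately to redistribute these static routes over the private BGP session.

```python
import ipaddress

# Constructed sample data (documentation ranges), not taken from the thread.
WHITELIST = ["192.0.2.0/24", "198.51.100.10/32"]
HONEYPOT_HITS = ["203.0.113.7", "192.0.2.45", "203.0.113.7", "not-an-ip",
                 "198.51.100.10", "203.0.113.99", "0.0.0.0"]


def select_offenders(hits, whitelist):
    """Split honeypot source addresses into (to_block, skipped).

    to_block: unique IPv4 hosts, in first-seen order, outside the whitelist.
    skipped:  (value, reason) pairs, so every refusal can be audited.
    """
    allowed = [ipaddress.ip_network(net) for net in whitelist]
    to_block, skipped, seen = [], [], set()
    for raw in hits:
        try:
            addr = ipaddress.ip_address(raw.strip())
        except ValueError:
            skipped.append((raw, "unparseable"))
            continue
        if addr in seen:
            continue  # already handled earlier in this batch
        seen.add(addr)
        if addr.version != 4:
            skipped.append((raw, "not IPv4"))
        elif addr.is_unspecified or addr.is_loopback or addr.is_multicast:
            skipped.append((raw, "not a unicast source"))
        elif any(addr in net for net in allowed):
            skipped.append((raw, "whitelisted"))
        else:
            to_block.append(str(addr))
    return to_block, skipped


def null_route_lines(addrs):
    """One static /32 null route per offender, in zebra configuration syntax."""
    return ["ip route %s/32 null0" % a for a in addrs]


if __name__ == "__main__":
    block, skipped = select_offenders(HONEYPOT_HITS, WHITELIST)
    print("\n".join(null_route_lines(block)))
    for value, reason in skipped:
        print("! skipped %s (%s)" % (value, reason))
```

The whitelist is checked on every run rather than once at setup, so a later change to it takes effect on the next batch of honeypot hits.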

