nanog mailing list archives

Re: Auto ACL blocker

From: ML <ml () kenweb org>
Date: Tue, 18 Jan 2011 19:27:42 -0500

On 1/18/2011 6:48 PM, Thomas Magill wrote:

Also, have you considered just using the spamhaus DROP list?  They even have code to have the list pushed to IOS 
available.  You could simply substitute your file for their list if you only want to use IPs caught by your honeypot.

http://www.spamhaus.org/faq/answers.lasso?section=DROP%20FAQ

I know Spamhaus doesn't offer a BGP feed of the DROP list. Has anyonemade a homegrown solution?

There is a PHP script that pull the DROP list and make a Cisco ACL orIPtables rules.


http://www.potato-people.com/code/misctools/spamhausdrop.phps

Current thread:

Re: Auto ACL blocker, (continued)
- Re: Auto ACL blocker Roland Dobbins (Jan 18)
- Re: Auto ACL blocker Greg Whynott (Jan 18)
- Re: Auto ACL blocker Larry Smith (Jan 18)
  - RE: Auto ACL blocker Mark Scholten (Jan 18)
- RE: Auto ACL blocker Thomas Magill (Jan 18)
- RE: Auto ACL blocker Ronald Bonica (Jan 18)
  - Re: Auto ACL blocker Brian R. Watters (Jan 18)
- Re: Auto ACL blocker Joe Blanchard (Jan 18)
  - Re: Auto ACL blocker Brian R. Watters (Jan 18)
- RE: Auto ACL blocker Thomas Magill (Jan 18)
  - Re: Auto ACL blocker ML (Jan 18)
    - RE: Auto ACL blocker Thomas Magill (Jan 18)
    - RE: Auto ACL blocker Thomas Magill (Jan 18)
- Re: Auto ACL blocker Brian R. Watters (Jan 18)
  - RE: Auto ACL blocker George Bonser (Jan 18)