Re: deny access

["Carlos Garcia" <carlosg () cabonet net mx>]

want to secury my network people

best regards thanks for posting
Atte.
Carlos A. Garcia G.
Cabonet Staff
Tel (624) 14 30120


----- Original Message ----- 
From: "David Gillett" <gillettdavid () fhda edu>
To: "'James McGee'" <james () infosec co im>; "'Carlos Garcia'" 
<carlosg () cabonet net mx>; "'Agarwal, Ankur'" 
<Ankur.Agarwal () colt-telecom com>; <security-basics () securityfocus com>
Sent: Tuesday, November 30, 2004 2:19 PM
Subject: RE: deny access


>  Well, as an alternative to "Block one IP AND block everything else",
> I think it's preferable....
>  He didn't ask how to secure his network, he asked how to block that
> one IP.
>
> David Gillett
>
>
> > -----Original Message-----
> > From: James McGee [mailto:james () infosec co im]
> > Sent: Tuesday, November 30, 2004 12:56 PM
> > To: gillettdavid () fhda edu; 'Carlos Garcia'; 'Agarwal, Ankur';
> > security-basics () securityfocus com
> > Subject: RE: deny access
> >
> >
> > Errr..
> >
> > I think you've just told him to block one IP but allow
> > everyone else.....
> >
> > Not wise in my opinion....
> >
> >
> >
> > -----Original Message-----
> > From: David Gillett [mailto:gillettdavid () fhda edu]
> > Sent: 29 November 2004 18:21
> > To: 'Carlos Garcia'; 'Agarwal, Ankur';
> > security-basics () securityfocus com
> > Subject: RE: deny access
> >
> > > access-list 101 deny ip host 216.212.33.185 any
> >
> > > access-list 101 deny ip 216.212.33.185 255.255.255.255 any
> >
> >   First of all, these two forms are exactly the same rule;
> > "host x.x.x.x" is
> > the same as "x.x.x.x 255.255.255.255" in an access list.
> >   Secondly, though, every access list has an implicit "deny
> > ip any any"
> > tacked onto the end, so if that line is your whole access
> > list then it will
> > block ALL traffic.  You need a second line
> >
> > access-list 101 permit ip any any
> >
> > to allow all traffic not blocked by the first line to flow.
> >
> >   Thirdly, I'm guessing that this hasn't yet blocked any
> > traffic, because
> > although you've defined an access list, you haven't yet
> > attached it to a
> > port and direction.  You need to add
> >
> > ip access-group 101 in
> >
> > to the configuration of your WAN/Internet interface.
> >
> > David Gillett
> >
> >
> > > -----Original Message-----
> > > From: Carlos Garcia [mailto:carlosg () cabonet net mx]
> > > Sent: Thursday, November 25, 2004 6:41 PM
> > > To: Agarwal, Ankur; security-basics () securityfocus com
> > > Subject: Re: deny access
> > >
> > >
> > > ok i just write
> > > access-list 101 deny ip host 216.212.33.185 any is this ok?
> > > i put too
> > > access-list 101 deny ip 216.212.33.185 255.255.255.255 any...
> > > and can somebody tell me how to improve this, i run some
> > servers and i
> > > want to protec them mail, web,dns,proxy's where can i find
> > a list so
> > > that it helps me how to configure the router to support QoS
> > i need it
> > > for VoIP service??? thanks for all the help
> > >
> > > Atte.
> > > Carlos A. Garcia G.
> > > Cabonet Staff
> > > Tel (624) 14 30120
> > >
> > >
> > > ----- Original Message -----
> > > From: "Agarwal, Ankur" <Ankur.Agarwal () colt-telecom com>
> > > To: "'Carlos Garcia'" <carlosg () cabonet net mx>;
> > > <security-basics () securityfocus com>
> > > Sent: Thursday, November 25, 2004 7:17 PM
> > > Subject: RE: deny access
> > >
> > >
> > > > HI
> > > > Simply create an deny access list to block this IP.
> > > >
> > > > Access-list 101 deny ip source ip destination ip
> > > >
> > > >
> > > >
> > > > Thanks & Regards,
> > > >
> > > > ___________________________________________________
> > > > Ankur Agarwal
> > > >
> > > >
> > > >
> > > > One Dial : 8-911-7428
> > > > Tel : +91 124 5157000 (Ext. 2272)
> > > > *Cell : +91 9810702016
> > > >
> > > >
> > > >
> > > > COLT India
> > > > ankur.agarwal () colt-telecom com
> > > >
> > > > ___________________________________________________
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: Carlos Garcia [mailto:carlosg () cabonet net mx]
> > > > Sent: 25 November 2004 04:58
> > > > To: security-basics () securityfocus com
> > > > Subject: deny access
> > > >
> > > >
> > > > newbie question how can i block this ip 216.212.33.185 i
> > > have a cisco 7200
> > > > this ip is trying to send mail with my server, i did not
> > > configure the
> > > > router so i dont know how to do this any help?
> > > >
> > > >
> > > > Atte.
> > > > Carlos A. Garcia G.
> > > > Cabonet Staff
> > > > Tel (624) 14 30120
> > > >
> > > >
> > > >
> > > >
> > > **************************************************************
> > > ***********************
> > > > The message is intended for the named addressee only and
> > may not be
> > > > disclosed to or used by anyone else, nor may it be copied
> > > in any way.
> > > >
> > > > The contents of this message and its attachments are
> > > confidential and may
> > > > also be subject to legal privilege.  If you are not the
> > > named addressee
> > > > and/or have received this message in error, please advise
> > > us by e-mailing
> > > > security () colt net and delete the message and any
> > > attachments without
> > > > retaining any copies.
> > > >
> > > > Internet communications are not secure and COLT does not accept
> > > > responsibility for this message, its contents nor
> > > responsibility for any
> > > > viruses.
> > > >
> > > > No contracts can be created or varied on behalf of COLT
> > > > Telecommunications, its subsidiaries or affiliates ("COLT")
> > > and any other
> > > > party by email Communications unless expressly agreed in
> > > writing with such
> > > > other party.
> > > >
> > > > Please note that incoming emails will be automatically scanned to
> > > > eliminate potential viruses and unsolicited promotional
> > > emails. For more
> > > > information refer to www.colt.net or contact us on +44(0)20
> > > 7390 3900.
> > > >
> > > >
> > >