Security Basics mailing list archives
RE: deny access
From: "David Gillett" <gillettdavid () fhda edu>
Date: Mon, 29 Nov 2004 09:33:08 -0800
The canonical way to do this is with an access list, but that might be biting off more than you're ready to chew. A "quick and dirty" method is to add a black hole route for this address: enable config terminal ip route 216.212.33.185 255.255.255.255 Null0 end write mem Your email server will still receive SYN packets when this address tries to connect, but the answering SYN-ACK packets won't make it past your router and so the connection can never be established. (Nor will that address get an answer to pings.) David Gillett
-----Original Message----- From: Carlos Garcia [mailto:carlosg () cabonet net mx] Sent: Wednesday, November 24, 2004 3:28 PM To: security-basics () securityfocus com Subject: deny access newbie question how can i block this ip 216.212.33.185 i have a cisco 7200 this ip is trying to send mail with my server, i did not configure the router so i dont know how to do this any help? Atte. Carlos A. Garcia G. Cabonet Staff Tel (624) 14 30120
Current thread:
- deny access Carlos Garcia (Nov 26)
- Re: deny access Sean Earp (Nov 27)
- Re: deny access John R. Morris (Nov 27)
- Re: deny access GuidoZ (Nov 27)
- RE: deny access dave kleiman (Nov 27)
- RE: deny access David Gillett (Nov 29)
- <Possible follow-ups>
- Re: deny access Carlos Garcia (Nov 27)
- Re: deny access GuidoZ (Nov 29)
- Message not available
- Re: deny access GuidoZ (Nov 30)
- Re: deny access GuidoZ (Nov 30)
- Re: deny access GuidoZ (Nov 29)
- RE: deny access David Gillett (Nov 30)
- RE: deny access James McGee (Nov 30)
- RE: deny access James McGee (Nov 30)