Security Basics mailing list archives

RE: deny access

From: "David Gillett" <gillettdavid () fhda edu>
Date: Mon, 29 Nov 2004 09:33:08 -0800

  The canonical way to do this is with an access list, but that
might be biting off more than you're ready to chew.
  A "quick and dirty" method is to add a black hole route for
this address:

enable
config terminal
ip route 216.212.33.185 255.255.255.255 Null0
end
write mem

  Your email server will still receive SYN packets when this
address tries to connect, but the answering SYN-ACK packets 
won't make it past your router and so the connection can never 
be established.  (Nor will that address get an answer to pings.)

David Gillett

-----Original Message-----
From: Carlos Garcia [mailto:carlosg () cabonet net mx]
Sent: Wednesday, November 24, 2004 3:28 PM
To: security-basics () securityfocus com
Subject: deny access

newbie question how can i block this ip 216.212.33.185 i have 
a cisco 7200 
this ip is trying to send mail with my server, i did not 
configure the 
router so i dont know how to do this any help?

Atte.
Carlos A. Garcia G.
Cabonet Staff
Tel (624) 14 30120

Current thread:

deny access Carlos Garcia (Nov 26)
- Re: deny access Sean Earp (Nov 27)
- Re: deny access John R. Morris (Nov 27)
- Re: deny access GuidoZ (Nov 27)
- RE: deny access dave kleiman (Nov 27)
- RE: deny access David Gillett (Nov 29)
- <Possible follow-ups>
- Re: deny access Carlos Garcia (Nov 27)
  - Re: deny access GuidoZ (Nov 29)
    - Message not available
    - Re: deny access GuidoZ (Nov 30)
    - Re: deny access GuidoZ (Nov 30)
  - RE: deny access David Gillett (Nov 30)
    - RE: deny access James McGee (Nov 30)
- RE: deny access Omar Salvador Alcalá Ruiz (Nov 30)
- RE: deny access David Gillett (Nov 30)
  - RE: deny access James McGee (Nov 30)