nanog mailing list archives
Re: ACLs / Filter Lists - Best Practices
From: Scott Francis <darkuncle () darkuncle net>
Date: Tue, 27 Nov 2001 17:00:12 -0800
On Tue, Nov 27, 2001 at 03:37:18PM -0800, John McBrayne stated:
> Is anyone aware of any current "best practices" related to the recommended set of filtering rules (Cisco ACL lists or Juniper filter sets) for reasons of Security, statistics collection, DoS attack analysis/prevention, etc.?
>
> I'm curious to see if there are any such recommendations for Tier 1/Tier 2 backbone routers, peering points, etc., as opposed to CPE terminations or Enterprise/LAN equipment recommendations. Actual config file examples would be great, if they exist.
>
> Thanks;
> ..john
enter the RFC1918/egress filtering rants ... mmmm

on a constructive note, I don't have config files to list, but a good start would be:

* RFC1918 space filtered
* egress filtering (space not on your network should not appear to be originating from within your network)
* smurf prevention with no-directed-broadcast or the equivalent

There were a couple of very helpful presentations at this year's ToorCon <http://www.toorcon.org> wrt locking down routers, with emphasis on Cisco hardware. Take a look at http://toorcon.org/lineup/ciscosecurity/ (HTML; PS also available) - that was the presentation on using Cisco IOS for Network Security. There seem to be no presentation notes available for 'The Top 25 Overlooked Configurations on Routers and Switches' on the site; I have some (rather poor and haphazard) notes I took myself that are available at http://darkuncle.net/top25_router_configurations.txt

HTH
--
Scott Francis darkuncle@ [home:] d a r k u n c l e . n e t
UNIX | IP networks | security | sysadmin | caffeine | BOFH | general geekery
GPG public key 0xCB33CCA7
illum oportet crescere me autem minui
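
The three items listed in the reply above, sketched as a Cisco IOS configuration fragment. This is an added example, not from the post or the ToorCon material; the interface names, the ACL numbers 110 and 111, and the prefix 192.0.2.0/24 (standing in for the network's own address space) are assumptions.

```cisco
! --- Added example; names, ACL numbers and 192.0.2.0/24 are placeholders ---
!
! 1. RFC1918 space filtered: drop packets arriving from outside
!    with a private source address, permit everything else.
access-list 110 deny   ip 10.0.0.0 0.255.255.255 any
access-list 110 deny   ip 172.16.0.0 0.15.255.255 any
access-list 110 deny   ip 192.168.0.0 0.0.255.255 any
access-list 110 permit ip any any
!
! 2. Egress filtering: only sources inside our own prefix may leave.
!    Anything else is spoofed or misconfigured; log it for analysis.
access-list 111 permit ip 192.0.2.0 0.0.0.255 any
access-list 111 deny   ip any any log
!
! External (upstream/peer facing) interface.
interface Serial0/0
 ip access-group 110 in
 ip access-group 111 out
 no ip directed-broadcast
!
! 3. Smurf prevention: do not translate directed broadcasts into
!    link-layer broadcasts on the LAN side.
interface FastEthernet0/0
 no ip directed-broadcast
```

The trailing `log` on ACL 111 records egress violations, which helps trace a spoofing host inside the network; on a busy link it adds CPU load, so it can be dropped once the source is found.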
Current thread:
- ACLs / Filter Lists - Best Practices John McBrayne (Nov 27)
- Re: ACLs / Filter Lists - Best Practices Scott Francis (Nov 27)
- Re: ACLs / Filter Lists - Best Practices E.B. Dreger (Nov 27)
- Re: ACLs / Filter Lists - Best Practices Christopher L. Morrow (Nov 27)
- RE: ACLs / Filter Lists - Best Practices Barry Raveendran Greene (Nov 28)
- Re: ACLs / Filter Lists - Best Practices Geoff Zinderdine (Nov 28)
- Re: ACLs / Filter Lists - Best Practices Nicolas FISCHBACH (Nov 28)
- RE: ACLs / Filter Lists - Best Practices Tim Irwin (Nov 29)
- Re: ACLs / Filter Lists - Best Practices Andreas Plesner Jacobsen (Nov 29)
- Re: ACLs / Filter Lists - Best Practices Adrian Chadd (Nov 29)
- Re: ACLs / Filter Lists - Best Practices Rob Thomas (Nov 30)
- Re: ACLs / Filter Lists - Best Practices Andreas Plesner Jacobsen (Nov 29)
- RE: ACLs / Filter Lists - Best Practices Rob Thomas (Nov 30)