nanog mailing list archives
RE: ACLs / Filter Lists - Best Practices
From: "Barry Raveendran Greene" <bgreene () cisco com>
Date: Wed, 28 Nov 2001 07:30:03 -0800
Chris is talking about the ISP Workshop Archives which includes the ISP Essentials whitepaper/presentations, security presentations, multihoming presentations, and other materials we use to help new generations of ISP Engineers get up to speed. It is all "Cisco" stuff, so keep that in mind. No fancy web pages - just browse the directories:

http://www.cisco.com/public/cons/

The security materials are at:

http://www.cisco.com/public/cons/isp/security/

ISP Essentials is at:

http://www.cisco.com/public/cons/isp/documents/
-----Original Message-----
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu]On Behalf Of Christopher L. Morrow
Sent: Tuesday, November 27, 2001 9:13 PM
To: John McBrayne
Cc: nanog () merit edu
Subject: Re: ACLs / Filter Lists - Best Practices

On Tue, 27 Nov 2001, John McBrayne wrote:

jm>
jm> Is anyone aware of any current "best practices" related to the
jm> recommended set of filtering rules (Cisco ACL lists or Juniper filter
jm> sets) for reasons of Security, statistics collection, DoS attack
jm> analysis/prevention, etc.? I'm curious to see if there are any such

John, the three areas you mention above really should be treated differently, is there something you are particularly interested in among these? On a 'generic' note there are some recommendations offered by Cisco at their website, I can't (of course) endorse them over anyone else, Barry Greene (who posts at times here and should respond to this note with the proper links from Cisco) is one of the better voices at Cisco for the Security (at least) topic.

Additionally, there were some 'recommended' or 'best practices' covered at the last NANOG:

http://www.nanog.org/mtg-0110/greene.html

That should at least get you started on 'Security' and 'DoS' stuff... as to statistics could you clarify this some?

jm> recommendations for Tier 1/Tier 2 backbone routers, peering points,
jm> etc., as opposed to CPE terminations or Enterprise/LAN equipment
jm> recommendations.
jm>

Hmm, I'm not going to recommend anything, since your network is likely MUCH different from any one I'm working on... BUT perhaps we can discuss some likely scenarios?? (perhaps the other list members might have some statistics gathering ideas/examples??)

jm> Actual config file examples would be great, if they exist.